Problem obtaining a certificate

Help
1

Hello.
I'm having trouble obtaining my certificate.
There's something unusual about it.
Can you help me figure it out?

We've received your email and assigned it ticket ID 18018.
To add additional comments, reply to this email.

[root@localhost ~]# ss -tunlp

Netid             State              Recv-Q             Send-Q                                             Local Address:Port                           Peer Address:Port             Process
udp               UNCONN             0                  0                                                        0.0.0.0:4789                                0.0.0.0:*
udp               UNCONN             0                  0                                                    192.168.1.4:7946                                0.0.0.0:*                 users:(("dockerd",pid=1190,fd=26))
udp               UNCONN             0                  0                                                      127.0.0.1:323                                 0.0.0.0:*                 users:(("chronyd",pid=957,fd=4))
udp               UNCONN             0                  0                                                          [::1]:323                                    [::]:*                 users:(("chronyd",pid=957,fd=5))
udp               UNCONN             0                  0                               [fe80::12c3:7bff:fe93:44a4]%eno1:546                                    [::]:*                 users:(("NetworkManager",pid=1030,fd=27))
tcp               LISTEN             0                  128                                                      0.0.0.0:22                                  0.0.0.0:*                 users:(("sshd",pid=1078,fd=7))
tcp               LISTEN             0                  100                                                    127.0.0.1:25                                  0.0.0.0:*                 users:(("master",pid=1171,fd=13))
tcp               LISTEN             0                  2048                                                 192.168.1.4:7946                                0.0.0.0:*                 users:(("dockerd",pid=1190,fd=25))
tcp               LISTEN             0                  2048                                                 192.168.1.4:2377                                0.0.0.0:*                 users:(("dockerd",pid=1190,fd=22))
tcp               LISTEN             0                  128                                                         [::]:22                                     [::]:*                 users:(("sshd",pid=1078,fd=8))
tcp               LISTEN             0                  100                                                        [::1]:25                                     [::]:*                 users:(("master",pid=1171,fd=14))

[root@localhost ~]# certbot certonly --standalone -d globalmarket.center
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for globalmarket.center

Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Identifier: globalmarket.center
Type: connection
Detail: 80.240.248.42: Fetching http://globalmarket.center/.well-known/acme-challenge/5bA3iNdseBYY01vj3y9LyhAxibnLcv1iULJlBu5Jk5g: Error getting validation data

Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

[root@localhost ~]# cat /var/log/letsencrypt/letsencrypt.log

2026-04-09 12:30:30,392:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
2026-04-09 12:30:31,373:DEBUG:certbot._internal.main:certbot version: 5.5.0
2026-04-09 12:30:31,374:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/5528/bin/certbot
2026-04-09 12:30:31,374:DEBUG:certbot._internal.main:Arguments: ['--standalone', '-d', 'globalmarket.center', '--preconfigured-renewal']
2026-04-09 12:30:31,374:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2026-04-09 12:30:31,431:DEBUG:certbot._internal.log:Root logging level set at 30
2026-04-09 12:30:31,436:DEBUG:certbot._internal.plugins.selection:Requested authenticator standalone and installer None
2026-04-09 12:30:31,436:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * standalone
Description: Runs an HTTP server locally which serves the necessary validation files under the /.well-known/acme-challenge/ request path. Suitable if there is no HTTP server already running. HTTP challenge only (wildcards not supported).
Interfaces: Authenticator, Plugin
Entry point: EntryPoint(name='standalone', value='certbot._internal.plugins.standalone:Authenticator', group='certbot.plugins')
Initialized: <certbot._internal.plugins.standalone.Authenticator object at 0x7fcbc7619cd0>
Prep: True
2026-04-09 12:30:31,437:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.standalone.Authenticator object at 0x7fcbc7619cd0> and installer None
2026-04-09 12:30:31,437:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator standalone, Installer None
2026-04-09 12:30:31,491:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/3168244031', new_authzr_uri=None, terms_of_service=None), a6c90c6768a97ddea1519ec11f70bae5, Meta(creation_dt=datetime.datetime(2026, 3, 22, 9, 0, 18, tzinfo=datetime.timezone.utc), creation_host='Unknown', register_to_eff='a.lezhepekov@yandex.ru'))>
2026-04-09 12:30:31,492:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2026-04-09 12:30:31,493:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2026-04-09 12:30:32,352:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 1033
2026-04-09 12:30:32,352:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 09 Apr 2026 09:30:32 GMT
Content-Type: application/json
Content-Length: 1033
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "profiles": {
      "classic": "https://letsencrypt.org/docs/profiles#classic",
      "shortlived": "https://letsencrypt.org/docs/profiles#shortlived",
      "tlsclient": "https://letsencrypt.org/docs/profiles#tlsclient",
      "tlsserver": "https://letsencrypt.org/docs/profiles#tlsserver"
    },
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.6-August-18-2025.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "renewalInfo": "https://acme-v02.api.letsencrypt.org/acme/renewal-info",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert",
  "zYMaEnQ8fU4": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417"
}
2026-04-09 12:30:32,352:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for globalmarket.center
2026-04-09 12:30:32,354:DEBUG:acme.client:Requesting fresh nonce
2026-04-09 12:30:32,354:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2026-04-09 12:30:32,593:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2026-04-09 12:30:32,593:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 09 Apr 2026 09:30:32 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: v9ARF6dgEMPzuO-HEXamoKzm3xI8gL3NqAjnxVeYOS84dD0x-Vc
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2026-04-09 12:30:32,593:DEBUG:acme.client:Storing nonce: v9ARF6dgEMPzuO-HEXamoKzm3xI8gL3NqAjnxVeYOS84dD0x-Vc
2026-04-09 12:30:32,594:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "globalmarket.center"\n    }\n  ]\n}'
2026-04-09 12:30:32,595:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzE2ODI0NDAzMSIsICJub25jZSI6ICJ2OUFSRjZkZ0VNUHp1Ty1IRVhhbW9Lem0zeEk4Z0wzTnFBam54VmVZT1M4NGREMHgtVmMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9",
  "signature": "Er_BCVRl8i_m6F7mGZrD_mqUVyWMZEQHUXANhfdTBPzVldXzz8CrcG_5rMAgGpR31KeA5xCGuF4NnFEEhZy3j6N_VlZ8fxH6dntGJyNoH29SeNAKteMuNnPqZjZRnhJs-bcaqdHQ5nGxUB1D0GPQe3HC-48KSECowywyGV6UQ3t_lxwMthV9su3EwLUnJ287x-pTshnZBQOx2wdmMXNTDnJOQzsKhSu8pMzP50Uhmr1H_tL4_Lic9sGOTBi4S1X6DUt-J6DbiW4WjPbsXGWRUp2sej8_az3n943Xmi7qOrRl33OyP0W46GdAtatp2AqxlF5hAJNLMyTCeTsanrf70Q",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImdsb2JhbG1hcmtldC5jZW50ZXIiCiAgICB9CiAgXQp9"
}
2026-04-09 12:30:32,993:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 353
2026-04-09 12:30:32,994:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Thu, 09 Apr 2026 09:30:32 GMT
Content-Type: application/json
Content-Length: 353
Connection: keep-alive
Boulder-Requester: 3168244031
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/3168244031/498881097311
Replay-Nonce: v9ARF6dgkwATU9J4iaIbN7IZBv_Y--LGIEwoyUi6Hmnbol9McTc
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2026-04-16T09:30:32Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "globalmarket.center"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz/3168244031/685492587581"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/3168244031/498881097311"
}
2026-04-09 12:30:32,994:DEBUG:acme.client:Storing nonce: v9ARF6dgkwATU9J4iaIbN7IZBv_Y--LGIEwoyUi6Hmnbol9McTc
2026-04-09 12:30:32,994:DEBUG:acme.client:JWS payload:
b''
2026-04-09 12:30:32,995:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz/3168244031/685492587581:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzE2ODI0NDAzMSIsICJub25jZSI6ICJ2OUFSRjZkZ2t3QVRVOUo0aWFJYk43SVpCdl9ZLS1MR0lFd295VWk2SG1uYm9sOU1jVGMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LzMxNjgyNDQwMzEvNjg1NDkyNTg3NTgxIn0",
  "signature": "AhebND28jh-wYw6rbQhC7Kmp-ImC1lUQMMwFAUlrkDEth-dU-r5LgziELi8yOWFYQUBik9NaKwKZrgNYfoiteuai-gIDrEMHm0G0LCcTdVsusSZ0p0gGD_5QobI8F6ZSqbK1gDyM9EQ_DOWSnN_EW2iWqmUFWO6lKob9xslcMe-33Y8vWRUAMXKGkKp5HpOXl4XhxCQboqu60QRVkNr5YAaeVFCXwg15PpKLso4Gc7gRQZwDvZmPpNzeDJd3cY1vOOx58uh9qWk_VxQiPIszYljKjQdYVlFREKk-GjnEmjrPrL0N1LaH3PdJ2Swr63I3qnqqT3x4FKnVdLVgWLlxQA",
  "payload": ""
}
2026-04-09 12:30:33,237:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz/3168244031/685492587581 HTTP/1.1" 200 827
2026-04-09 12:30:33,237:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 09 Apr 2026 09:30:33 GMT
Content-Type: application/json
Content-Length: 827
Connection: keep-alive
Boulder-Requester: 3168244031
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: v9ARF6dgNGxjD9uXBeRT_grYEpw4HoaiPzKJFLB2c0ssZWj15jA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "globalmarket.center"
  },
  "status": "pending",
  "expires": "2026-04-16T09:30:32Z",
  "challenges": [
    {
      "type": "tls-alpn-01",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall/3168244031/685492587581/OAmg3A",
      "status": "pending",
      "token": "5bA3iNdseBYY01vj3y9LyhAxibnLcv1iULJlBu5Jk5g"
    },
    {
      "type": "dns-01",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall/3168244031/685492587581/p5ibFg",
      "status": "pending",
      "token": "5bA3iNdseBYY01vj3y9LyhAxibnLcv1iULJlBu5Jk5g"
    },
    {
      "type": "http-01",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall/3168244031/685492587581/S818vg",
      "status": "pending",
      "token": "5bA3iNdseBYY01vj3y9LyhAxibnLcv1iULJlBu5Jk5g"
    }
  ]
}
2026-04-09 12:30:33,237:DEBUG:acme.client:Storing nonce: v9ARF6dgNGxjD9uXBeRT_grYEpw4HoaiPzKJFLB2c0ssZWj15jA
2026-04-09 12:30:33,237:DEBUG:acme.challenges:tls-alpn-01 was not recognized, full message: {'type': 'tls-alpn-01', 'url': 'https://acme-v02.api.letsencrypt.org/acme/chall/3168244031/685492587581/OAmg3A', 'status': 'pending', 'token': '5bA3iNdseBYY01vj3y9LyhAxibnLcv1iULJlBu5Jk5g'}
2026-04-09 12:30:33,237:INFO:certbot._internal.auth_handler:Performing the following challenges:
2026-04-09 12:30:33,237:INFO:certbot._internal.auth_handler:http-01 challenge for Identifier(typ=IdentifierType(dns), value='globalmarket.center')
2026-04-09 12:30:33,238:DEBUG:acme.standalone:Successfully bound to :80 using IPv6
2026-04-09 12:30:33,239:DEBUG:acme.standalone:Certbot wasn't able to bind to :80 using IPv4, this is often expected due to the dual stack nature of IPv6 socket implementations.
2026-04-09 12:30:33,240:DEBUG:acme.client:JWS payload:
b'{}'
2026-04-09 12:30:33,240:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall/3168244031/685492587581/S818vg:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzE2ODI0NDAzMSIsICJub25jZSI6ICJ2OUFSRjZkZ05HeGpEOXVYQmVSVF9ncllFcHc0SG9haVB6S0pGTEIyYzBzc1pXajE1akEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLzMxNjgyNDQwMzEvNjg1NDkyNTg3NTgxL1M4MTh2ZyJ9",
  "signature": "iMXg5I6DfaJHKnWrYRnwRdLTXrIrFJ6YbtYKFltQ4tLfkoTgXJ36OEWTekxXjX708N4oVFQZh9yFLnj9OOFjKnfd4813I3EMe5I3SuDMcZPD9s2d-4TPdRtczUGgYfIJDv6pvqVH8zC2bmfJRuUHPgPXYGlxuBCn_hOlSuSJY4T5NhiPNlFIPp2drdA90w7n7ou8ppPViavtAHEfjJJZEkt1fG62NJVXIXmXI-oCQgkiI7Q2EjrneMaYtrOb23j-KZlqE5wuNMkdM3cfweEK5IqLpsCwo4H7P2otsA-ioF4KJZgr-UfKXZIVlYsaIKIZawK9oyq7yJvqni_DNkcukg",
  "payload": "e30"
}
2026-04-09 12:30:33,497:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall/3168244031/685492587581/S818vg HTTP/1.1" 200 195
2026-04-09 12:30:33,497:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 09 Apr 2026 09:30:33 GMT
Content-Type: application/json
Content-Length: 195
Connection: keep-alive
Boulder-Requester: 3168244031
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz/3168244031/685492587581>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall/3168244031/685492587581/S818vg
Replay-Nonce: e8SfZ44tJAdnASgAPspL2JNTvZHnSpsQAoyowf4wpHZu9qzIef0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "http-01",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall/3168244031/685492587581/S818vg",
  "status": "pending",
  "token": "5bA3iNdseBYY01vj3y9LyhAxibnLcv1iULJlBu5Jk5g"
}
2026-04-09 12:30:33,497:DEBUG:acme.client:Storing nonce: e8SfZ44tJAdnASgAPspL2JNTvZHnSpsQAoyowf4wpHZu9qzIef0
2026-04-09 12:30:33,498:INFO:certbot._internal.auth_handler:Waiting for verification...
2026-04-09 12:30:34,498:DEBUG:acme.client:JWS payload:
b''
2026-04-09 12:30:34,499:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz/3168244031/685492587581:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMzE2ODI0NDAzMSIsICJub25jZSI6ICJlOFNmWjQ0dEpBZG5BU2dBUHNwTDJKTlR2WkhuU3BzUUFveW93ZjR3cEhadTlxekllZjAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LzMxNjgyNDQwMzEvNjg1NDkyNTg3NTgxIn0",
  "signature": "hC4r1ckPIgSr-U6n4bFt77nOJn86qtLNtB6_F3vglwQIxPTuTB747hhnmdVYONBQzQukxwvPhFeU7fKEvzR5PKIBcjs_f2n9F_cuqlNByz1dGDO9bMpPvy7c5WEBYtbEkP_XFWHjZ7JkR3MX2pJXu1fRJzFZR0S2LUaaKH0TLVAOnXiib9noPk7Vr_VdQ835PKlaFZCOMW3Z08K3A45Ov-qgQBRJE2hoohtGFF44NTL8YJo624q4z_EVhdZeKZNBlnOUnzcf171MzSI97m98vAcKhM0Qa7xMnBeZ3RxzgZXWM1yeSbbjCy-vESG55rLmygcqrzhXLI0X1N2zdYv9pg",
  "payload": ""
}
2026-04-09 12:30:34,743:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz/3168244031/685492587581 HTTP/1.1" 200 1063
2026-04-09 12:30:34,744:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Thu, 09 Apr 2026 09:30:34 GMT
Content-Type: application/json
Content-Length: 1063
Connection: keep-alive
Boulder-Requester: 3168244031
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: e8SfZ44tZ693DKGCic6z0xtOnENpJBTKgrZmyVHQt_jRdnV3wtM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "globalmarket.center"
  },
  "status": "invalid",
  "expires": "2026-04-16T09:30:32Z",
  "challenges": [
    {
      "type": "http-01",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall/3168244031/685492587581/S818vg",
      "status": "invalid",
      "validated": "2026-04-09T09:30:33Z",
      "error": {
        "type": "urn:ietf:params:acme:error:connection",
        "detail": "80.240.248.42: Fetching http://globalmarket.center/.well-known/acme-challenge/5bA3iNdseBYY01vj3y9LyhAxibnLcv1iULJlBu5Jk5g: Error getting validation data",
        "status": 400
      },
      "token": "5bA3iNdseBYY01vj3y9LyhAxibnLcv1iULJlBu5Jk5g",
      "validationRecord": [
        {
          "url": "http://globalmarket.center/.well-known/acme-challenge/5bA3iNdseBYY01vj3y9LyhAxibnLcv1iULJlBu5Jk5g",
          "hostname": "globalmarket.center",
          "port": "80",
          "addressesResolved": [
            "80.240.248.42"
          ],
          "addressUsed": "80.240.248.42"
        }
      ]
    }
  ]
}
2026-04-09 12:30:34,744:DEBUG:acme.client:Storing nonce: e8SfZ44tZ693DKGCic6z0xtOnENpJBTKgrZmyVHQt_jRdnV3wtM
2026-04-09 12:30:34,744:INFO:certbot._internal.auth_handler:Challenge failed for domain globalmarket.center
2026-04-09 12:30:34,744:INFO:certbot._internal.auth_handler:http-01 challenge for Identifier(typ=IdentifierType(dns), value='globalmarket.center')
2026-04-09 12:30:34,744:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
  Identifier: globalmarket.center
  Type:   connection
  Detail: 80.240.248.42: Fetching http://globalmarket.center/.well-known/acme-challenge/5bA3iNdseBYY01vj3y9LyhAxibnLcv1iULJlBu5Jk5g: Error getting validation data

Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.

2026-04-09 12:30:34,746:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/var/lib/snapd/snap/certbot/5528/lib/python3.12/site-packages/certbot/_internal/auth_handler.py", line 104, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
  File "/var/lib/snapd/snap/certbot/5528/lib/python3.12/site-packages/certbot/_internal/auth_handler.py", line 208, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2026-04-09 12:30:34,746:DEBUG:certbot._internal.error_handler:Calling registered functions
2026-04-09 12:30:34,746:INFO:certbot._internal.auth_handler:Cleaning up challenges
2026-04-09 12:30:34,746:DEBUG:certbot._internal.plugins.standalone:Stopping server at :::80...
2026-04-09 12:30:35,241:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/snap/certbot/5528/bin/certbot", line 6, in <module>
    sys.exit(main())
             ^^^^^^
  File "/var/lib/snapd/snap/certbot/5528/lib/python3.12/site-packages/certbot/main.py", line 18, in main
    return internal_main.main(cli_args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/lib/snapd/snap/certbot/5528/lib/python3.12/site-packages/certbot/_internal/main.py", line 1886, in main
    return config.func(config, plugins)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/lib/snapd/snap/certbot/5528/lib/python3.12/site-packages/certbot/_internal/main.py", line 1598, in certonly
    lineage = _get_and_save_cert(le_client, config, sans, certname, lineage)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/lib/snapd/snap/certbot/5528/lib/python3.12/site-packages/certbot/_internal/main.py", line 143, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(sans, certname)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/lib/snapd/snap/certbot/5528/lib/python3.12/site-packages/certbot/_internal/client.py", line 533, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(sans)
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/lib/snapd/snap/certbot/5528/lib/python3.12/site-packages/certbot/_internal/client.py", line 434, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/lib/snapd/snap/certbot/5528/lib/python3.12/site-packages/certbot/_internal/client.py", line 512, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/var/lib/snapd/snap/certbot/5528/lib/python3.12/site-packages/certbot/_internal/auth_handler.py", line 104, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
  File "/var/lib/snapd/snap/certbot/5528/lib/python3.12/site-packages/certbot/_internal/auth_handler.py", line 208, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2026-04-09 12:30:35,245:ERROR:certbot._internal.log:Some challenges have failed.
2

There appears to be a firewall blocking access to TCP port 80 (HTTP), access to TCP port 80 required for the http-01 validation method to succeed. If this isn't possible, you might want to consider the tls-alpn-01 validation method or the dns-01 validation method.

3

The --standalone method is difficult to debug because you need to keep Certbot running to test connection from the public internet.

Probably the easiest way to test is with these command options:

certbot certonly --standalone --dry-run --debug-challenges -v -d (domain)

This command will show you the challenge URL to try from the public internet and the proper response. After showing you this it will say "Press Enter to Continue". DO NOT PRESS ENTER.

Leave it paused and use a different device to test connection. You can use a mobile phone with wifi disabled to use your carrier's network.

You do not have to use the full URL. Just try http://(domain)

If the connection works this shorter URL should see a response like below. I am pretty sure you will get a timeout error instead just like Let's Encrypt did. Repeat this as needed as you modify your comms setup until it works.

ACME client standalone challenge solver

=====================================================

That all said, standalone is only a good choice for a small number of use cases. If you are planning on running a web server or something else on port 80 later on you should use a different method.

The standalone option requires exclusive use of port 80 while it runs so any other service needs to be stopped beforehand. I didn't see anything else currently listening on port 80 but wanted to be sure you knew.

You posted in the Client Dev section rather than Help. I moved you to Help and you would have been asked more questions. But, you provided most of the needed info already.

4

Where is certbot running?