I’m running FreeBSD 10.2.
Compiled and installed certbot from the py-certbot port.
I’m running the following command:
certbot certonly --webroot -w /isle/www/mydomainname -d mydomainname
I have verified that /isle/www/mydomainname/ has the appropriate folder.
I also verified that I have allowed external connections to my port 80.
Here is what I see with tcpdump:
That is a mail server with dovecot and exim, so I do not have any web server running on it.
But if I do “nc -l 80” I see my request sent from a browser.
Also I posted output from tcpdump that clearly shows that requests are coming.
certbot was executed in webroot mode. I.e. it should serve as a web server, right?
And it seems that it is not doing so.
2016-08-18 12:35:16,442:DEBUG:acme.challenges:dns-01 was not recognized, full message: {u'status': u'pending', u'token': u'RLdMzp-5AQMct5XBE9feiPMq4Tsn1dMyJ_O9voJmA6I', u'type': u'dns-01', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/Rza_RwXW7WJExWIwcSgMvuLNYvaw0-GiNvQtS9jR7Z0/238683430'}
2016-08-18 12:35:16,443:INFO:certbot.reporter:Reporting to user: The following errors were reported by the server:
And I have correct DNS records for my domain names. But there is no reverse IP lookup. But it should not be a problem.
I successfully used letsencrypt on another machine on the same hosting, but that machine is a Windows server.
--webroot is intended for systems with an existing web server. If you want certbot to spawn its own web server, you need --standalone. (Note that you can use either port 80 or 443, this is explained in the linked documentation. The default is 443, IIRC.)
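A pre-flight check for the webroot case described in this thread, as an added example that is not part of the original posts or of certbot: it drops a random probe file into the webroot's `.well-known/acme-challenge/` directory and confirms that a web server returns it over HTTP. The names `webroot_is_served` and `demo` are hypothetical, and the loopback server in `demo` stands in for an existing web server.

```python
import functools, http.client, http.server, os, secrets, tempfile, threading
import urllib.request

CHALLENGE_DIR = ".well-known/acme-challenge"  # where the http-01 challenge file is fetched from

def webroot_is_served(webroot, host, port=80, timeout=5):
    """True only if a file written under the webroot comes back over HTTP unchanged."""
    name = "probe-" + secrets.token_urlsafe(16)
    body = secrets.token_urlsafe(32)
    directory = os.path.join(webroot, CHALLENGE_DIR)
    os.makedirs(directory, exist_ok=True)
    path = os.path.join(directory, name)
    with open(path, "w") as fh:
        fh.write(body)
    # Ignore proxy settings from the environment so the request goes straight to host:port.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    try:
        url = f"http://{host}:{port}/{CHALLENGE_DIR}/{name}"
        with opener.open(url, timeout=timeout) as resp:
            return resp.status == 200 and resp.read().decode() == body
    except (OSError, http.client.HTTPException):
        # Refused connection, timeout, 404, or a listener that does not speak HTTP.
        return False
    finally:
        os.remove(path)

class _QuietHandler(http.server.SimpleHTTPRequestHandler):
    def log_message(self, *args):  # keep the demo output clean
        pass

def demo():
    """Constructed scenario: one server rooted at the webroot, one rooted elsewhere."""
    results = {}
    with tempfile.TemporaryDirectory() as webroot, tempfile.TemporaryDirectory() as other:
        for label, docroot in (("serving_webroot", webroot), ("serving_other_dir", other)):
            handler = functools.partial(_QuietHandler, directory=docroot)
            server = http.server.ThreadingHTTPServer(("127.0.0.1", 0), handler)
            threading.Thread(target=server.serve_forever, daemon=True).start()
            try:
                port = server.server_address[1]
                results[label] = webroot_is_served(webroot, "127.0.0.1", port)
            finally:
                server.shutdown()
                server.server_close()
    return results

if __name__ == "__main__":
    print(demo())
```

A `False` result from the loopback only rules the local setup in or out; the validation request still has to reach port 80 from outside.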