Problem with active let's Encrypt on Ubuntu 14.04 on Amazon AWS


#1

Hi,

Please help my solve this problem
Ubuntu 14.04
Apache with Virtual Host
I want to I want to install let’s encrypt only in a virtual host

i following this guide:

but when after first installation that It seems to have gone well. nothing works.

here the result if now i restart installation

-rwxr-xr-x 1 root root 46237 Jan 26 21:05 certbot-auto*
ubuntu@ixxxx:/usr/local/sbin$ sudo certbot-auto --apache -d xxxx.com -d www.xxxx.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for xxxx.com
tls-sni-01 challenge for www.xxxx.com
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. www.xxxx.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to 99.99.99.99:443 for TLS-SNI-01 challenge, xxxx.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to 99.99.99.99:443 for TLS-SNI-01 challenge

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: www.xxxx.com
    Type: connection
    Detail: Failed to connect to 99.99.99.99:443 for TLS-SNI-01
    challenge

    Domain: xxxx.com
    Type: connection
    Detail: Failed to connect to 99.99.99.99:443 for TLS-SNI-01
    challenge

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A record(s) for that domain
    contain(s) the right IP address. Additionally, please check that
    your computer has a publicly routable IP address and that no
    firewalls are preventing the server from communicating with the
    client. If you’re using the webroot plugin, you should also verify
    that you are serving files from the webroot path you provided.

thankyou


#2

Here : it seems only for certbot

Did your website work before trying install LE ssl ?

  • after : add same for 443 port (the one used for ssl)

#3

Yes he works also now in http, but no https


#4

OK, good,

Then i think (but unsure here) you have 2 solutions :slight_smile:

Force certbot to use http challenge sudo certbot-auto --apache --preferred-challenges "http" -d example.com -d www.example.com

Create a temporary self-signed ssl certificate


and activate ssl on your site with ssl certificate.

With the second way : it’s best :

  1. You learn how to create a self signed certificate
  2. You just have to update the certificate part when you have your LE certificate and key chain

#5

thank you, next week I’ll try


#6

Ensure that inbound connections are allowed for port 443 in the Security Groups associated with your AWS instance.


#7

Thanks for your help… solved!!!
Security Groups associated with my AWS instance was not configured


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.