It produced this output:
requests.exceptions.ProxyError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by ProxyError('Cannot connect to proxy.', timeout('timed out')))
My web server is (include version):
Apache 2.4.43
The operating system my web server runs on is (include version):
openSUSE Leap 15.3
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
1.26.0
Note:
I use a squidproxy server which is set in /etc/environment and the server connects to it fine (only way to get internet access is through the proxy, and the server has internet access). Squidproxy access log shows this error when certbot fails:
Note that Let's Encrypt needs to be able to connect to goslnet.gov.lc on port 80 (for the http-01 challenge) or port 443 (for the tls-alpn-01 challenge) to validate your hosntame. If your server has difficulty to connecto the outside world, how would the Let's Encrypt validation server be able to connect to your server?
Also, I noticed that goslnet.gov.lc does not have an IP address associated with it, so Let's Encrypt won't be able to connect to it anyway. That leaves the dns-01 challenge.
That's a Cloudflare IP address, probably the address resolved for ifconfig.co from OPs location. (I'm getting a different one from Europe.)
Ok I think I can figure out the problem now. From what I understand, the web server needs to be public facing. Our webservers are internal. Sorry, my mistake.
