Raspberry pi portainer issue

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

I am trying to run a home server using openmediavault, docker and portainer. I'm trying to run nextcloud for this. When I run letsencrypt and try to establish a connection with my dns client I get this error:

[Fri Sep  8 22:01:56 EDT 2023] Verifying: pineforestnas.duckdns.org
[Fri Sep  8 22:01:59 EDT 2023] Pending
[Fri Sep  8 22:02:02 EDT 2023] Pending
[Fri Sep  8 22:02:05 EDT 2023] Pending
[Fri Sep  8 22:02:08 EDT 2023] pineforestnas.duckdns.org:Verify error: Fetching http://pineforestnas.duckdns.org/.well-known/acme-challenge/1HzGxWZNtho6Y8qaUIUaRL0dz5ne3IXVgFa1RsRcIV0: Timeout during connect (likely firewall problem)
[Fri Sep  8 22:02:08 EDT 2023] Please check log file for more details: /dev/null
Sleep for 3600s

I have no idea what I am doing wrong here.

Hi @james-brinson, and welcome to the LE community forum :slight_smile:

You need a working HTTP server before you can secure it using HTTP-01 authentication.

curl -Ii pineforestnas.duckdns.org
curl: (56) Recv failure: Connection reset by peer


  • The IP address is up-to-date
    Name: pineforestnas.duckdns.org

  • the firewall(s) are allowing HTTP [TCP port 80] to reach the server
    [you may need to use port forwarding/NAT for that]

Which ACME client did you use?
[the more answers you provide the quicker we can get this resolved]


Did you think this would be simple?


ok, I have port forwarding enabled to my server (raspberry pi ip)
The duckdns is current
I appologize for my ignorance but I have no idea what you mean by needing a working HTTP server and I am also not sure about the ACME client?

Thank you for responding!


Before you can encrypt your http, you need to have a functioning unencrypted http.

Check your firewalls, your port forwarding (on ports 80 and 443), and your webserver.


This should not fail:

curl -Ii http://pineforestnas.duckdns.org/
curl: (56) Recv failure: Connection reset by peer

ok. what can i do to resolve that issue?

Is your website supposed to be public?

If yes, check your firewall for port 80.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.