Renewal "Connection Refused"

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

current certificate ID 3357996933

I ran this command:
certbot renew --dry-run

It produced this output:
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for
http-01 challenge for
Waiting for verification...
Challenge failed for domain
Challenge failed for domain
http-01 challenge for
http-01 challenge for
Cleaning up challenges
Attempting to renew cert ( from /etc/letsencrypt/renewal/ produced an unexpected error: Some challenges have failed.. Skipping.

Type: connection
Detail: Fetching
Connection refused

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:
no, this is a home system

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.9.0

1 Like

Your port 443 (HTTPS) is working fine, but as the name already suggests, the http-01 challenge uses the HTTP protocol on port 80. And your nginx isn't answering on port 80: curl: (7) Failed to connect to port 80: Connection refused

So you'll need to open port 80 somehow: perhaps in nginx? Perhaps in your firewall? Perhaps in your (NAT) router?


Thanks a lot, it worked. I checked it with curl, but from the internal network, and the error was in the settings of the router.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.