Renewal Connection Timeout, but my domain is configured properly and accessible

Hello,

I’ve got an email saying that my cert will expire this 29th so I’m trying to run a --dry-run to see if it works fine but it doesn’t.

It worked fine the first 2 times I had to renew (months ago when I had to renew it).
Since then I did not touch Let’s Encrypt or certbot, but now it won’t work.

My domain: https://www.nexuslogger.com/ https://nexuslogger.com/
You can access it and it works fine, even if you ping it, it returns the proper IP.

I’m running apache2, no extra plugins or stuff that should interfere with SSL.
No control panel or anything, everything through SSH.

The command I’m running:
“certbot --apache renew --dry-run”

Results in this error: https://pastebin.com/raw/qyavJSTt

I’m on Ubuntu 16.04, I’ve updated certbot to the latest version and everything.

The domain is accessible fine and the users are using the site daily, yet LetsEncrypt fails to connect to it?
I’ve tried to avoid creating this topic and problem solve it but I can’t find any useful info or anyone that had this same issue before.

@cpu, could you see why the CA apparently can’t reach this IPv4 host? It seems to work fine for me! Is there any possibility that this is an anomaly with the new multipath probing?

@FexileTV, to check if the renewal process is temporarily shutting down your normal web server or something, could you post the contents of /etc/letsencrypt/renewal/nexuslogger.com-0001.conf and the complete command line that you use when you run the renewal command?

As seen by https://dev.ssllabs.com/ssltest/

As seen by https://www.ssllabs.com/ssltest/
SSL Report: nexuslogger.com (185.153.229.59)
SSL Report: www.nexuslogger.com (185.153.229.59)

Hey,

Thank you for the reply & support. I know LetsEncrypt is free but I really do appreciate that there is a place where we can get support & help, I want to say that I really do appreciate it.

Here are the contents of my "/etc/letsencrypt/renewal/nexuslogger.com-0001.conf": https://pastebin.com/raw/fsRicdd3

I've run the command to stop apache2 and then tried the renew command again and this time it worked, so I think the problem has been resolved?

My SSH log: https://pastebin.com/raw/g6gbZB4t

If you’re using the Apache plugin, you shouldn’t really have to stop the Apache server in order to renew your certificate! So it still seems like there’s something mysterious going on.

I took a look and it seems like @fexiletv was able to issue for these domains. I see successful validation in the staging logs. When I look further back in the logs I can see the point where it was timing out. I don't believe it's related to the multipath probing because all of the validation authorities that attempted to contact the site at that point saw the same timeout. It's hard to say what the problem was but it appeared to affect multiple source networks and has since been resolved.
