Renewing certificate behind https

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: usr/bin/certbot renew

It produced this output: Attempting to renew cert ( from /etc/letsencrypt/renewal/ produced an unexpected error: Failed authorization procedure. (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching Timeout. Skipping.

My web server is (include version):

The operating system my web server runs on is (include version): Ubuntu 16.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no is reachable. But still having problems with renewing the certificate.

I am running nginx with http to https rewrite, is this the problem ?

The rewrite shouldn’t be an issue, as Let’s Encrypt follows up to several redirects. Could you post the relevant vhost configuration and Let’s Encrypt log files? At a glance I don’t see any reason this wouldn’t be working.

Hi @doludizgin,

I can’t reach your http site too:

$ curl -IkL
curl: (7) Failed to connect to port 80: Connection timed out

but I can reach your https site:

$ curl -IL
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Wed, 13 Sep 2017 16:41:23 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Sat, 08 Jul 2017 10:36:58 GMT
Connection: keep-alive
ETag: "5960b5ca-264"
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Accept-Ranges: bytes

So seems a firewall blocking port 80 or something not properly configured in your nginx conf :slight_smile:


@doludizgin , If you are using proper rewrite rule , when we hit it should redirect to . can you post your config here.


make site available in http and https by removing rewrite rule .so that it can reach your site .

Oh stupid me, blocked port 80…

it worked.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.