Request to unblock IP

marcocajon · November 24, 2021, 3:28am

I just migrated from nginx on my host OS to Nginx-proxy-manager, and I'm now unable to get SSL certificates from acme-v02.api.letsencrypt.org/directory

Note I'm a hobbyist doing all of this manually, running self hosted apps for personal and family use. I also have some own website projects.

It produced this output (I removed my email just in case):

*Error: Command failed: certbot certonly --config "/etc/letsencrypt.ini" --cert-name "npm-9" --agree-tos --authenticator webroot --email "XXXXXXXX@gmail.com" --preferred-challenges "dns,http" --domains "npm-alpha01.marcenaro.me" *
*Saving debug log to /var/log/letsencrypt/letsencrypt.log*
*An unexpected error occurred:*
*requests.exceptions.ConnectionError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError(': Failed to establish a new connection: [Errno -3] Temporary failure in name resolution'))*
*Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.*

* at ChildProcess.exithandler (node:child_process:397:12)*
* at ChildProcess.emit (node:events:390:28)*
* at maybeClose (node:internal/child_process:1064:16)*
* at Process.ChildProcess._handle.onexit (node:internal/child_process:301:5)*

My web server is (include version): Debian GNU/Linux 10 (buster)

My hosting provider, if applicable, is: AlphaVPS

I can login to a root shell on my machine (yes or no, or I don't know): Yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.21.0

Thanks team!

rg305 · November 24, 2021, 4:05am

Hi @marcocajon and welcome to the LE community forum

If you were able to obtain certs via nginx (and this is the only change made), then clearly the question should go to an nginx-proxy-manager forum.

That said, I also see:

But no actual webroot-path is specified.
hmm...

Also see:

So that looks like a temporary DNS failure on your system.
Can it resolve?:
acme-v02.api.letsencrypt.org

marcocajon · November 25, 2021, 4:02am

Thanks for taking a look!

In regards to:

My VPS is able to resolve it:

;; ANSWER SECTION:
acme-v02.api.letsencrypt.org. 7150 IN   CNAME   prod.api.letsencrypt.org.
prod.api.letsencrypt.org. 300   IN      CNAME   ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com.
ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com. 300 IN A 172.65.32.248

However when I try to curl:

debian@Alpha01:~$  curl http://acme-v02.api.letsencrypt.org/directory
curl: (56) Recv failure: Connection reset by peer

Again thanks for the help!

MikeMcQ · November 25, 2021, 4:10am

Need to use https for that so try:
curl https://acme-v02.api.letsencrypt.org/directory

system · December 25, 2021, 4:10am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Is my IP banned? Can this be undone? Help	6	604	July 13, 2023
Please unblock my IP Address Help	17	953	December 1, 2023
Blocked IP address / Nginx Proxy Manager and let's encrypt certificate Help	7	1141	March 21, 2023
My ip is apparently blocked Help	8	858	February 27, 2022
My IP is blocked Help	4	505	September 3, 2022

Request to unblock IP

Related topics