requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory

Hello, guys!!

It's returning this error to me... I believe I may have blocked my IP.

An unexpected error occurred:
requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by ConnectTimeoutError(<urllib3.connection.HTTPSConnection object at 0x7f021141d0d0>, 'Connection to acme-v02.api.letsencrypt.org timed out. (connect timeout=45)'))

My IP: 187.44.85.107

Welcome @luciano_30

That message says you are not making an outbound request to the Let's Encrypt ACME server. I can't make a request to your IP either. It looks like you don't have comms working between your IP server and the internet - at all.

If you want better advice, please answer the questions on the form you were shown (below).

curl -I 187.44.85.107
curl: (56) Recv failure: Connection reset by peer

curl -I https://187.44.85.107
curl: (7) Failed to connect to 187.44.85.107 port 443 after 140 ms: Connection refused

========================================

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

2 Likes

My domain is: abt.callsys.com.br

I ran this command: certbot --nginx

It produced this output: An unexpected error occurred:
requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by ConnectTimeoutError(<urllib3.connection.HTTPSConnection object at 0x7f021141d0d0>, 'Connection to acme-v02.api.letsencrypt.org timed out. (connect timeout=45)'))

My web server is (include version): nginx version: nginx/1.18.0

The operating system my web server runs on is (include version): Debian 11.4

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): No

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.31.0

I don't agree, a connection refused is an active refusal from the server. Although it could be sent by a firewall in between, it's usually the host itself.

Also, ping works :wink:

@luciano_30 Could you please run the following commands?

curl -LIv4 https://acme-v02.api.letsencrypt.org/
curl -LIv6 https://acme-v02.api.letsencrypt.org/

And show the output?

2 Likes

curl -LIv4 https://acme-v02.api.letsencrypt.org/

*   Trying 172.65.32.248:443...
* Connected to acme-v02.api.letsencrypt.org (172.65.32.248) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=acme-v02.api.letsencrypt.org
*  start date: Sep  8 19:36:39 2022 GMT
*  expire date: Dec  7 19:36:38 2022 GMT
*  subjectAltName: host "acme-v02.api.letsencrypt.org" matched cert's "acme-v02.api.letsencrypt.org"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x5631114facc0)
> HEAD / HTTP/2
> Host: acme-v02.api.letsencrypt.org
> user-agent: curl/7.74.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
< HTTP/2 200
HTTP/2 200
< server: nginx
server: nginx
< date: Wed, 26 Oct 2022 17:03:51 GMT
date: Wed, 26 Oct 2022 17:03:51 GMT
< content-type: text/html
content-type: text/html
< content-length: 1540
content-length: 1540
< last-modified: Thu, 23 Jun 2022 21:25:28 GMT
last-modified: Thu, 23 Jun 2022 21:25:28 GMT
< etag: "62b4da48-604"
etag: "62b4da48-604"
< x-frame-options: DENY
x-frame-options: DENY
< strict-transport-security: max-age=604800
strict-transport-security: max-age=604800

<
* Connection #0 to host acme-v02.api.letsencrypt.org left intact

curl -LIv6 https://acme-v02.api.letsencrypt.org/

*   Trying 2606:4700:60:0:f53d:5624:85c7:3a2c:443...
* Immediate connect fail for 2606:4700:60:0:f53d:5624:85c7:3a2c: Não foi possível acessar o endereço requisitado
* Closing connection 0
curl: (7) Couldn't connect to server
1 Like

It seems that your system is having IPv6 connectivity issues.

2 Likes

Although in that case it's weird that the ACME client gets a timeout, but curl gets another error.

2 Likes
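
Added example (not part of the thread and not any poster's code): a per-address-family TCP probe that separates the outcomes discussed above, namely a timeout (no reply at all), a refusal (an active reset from the host or a firewall), and an immediate local failure such as the IPv6 attempt. The function names `classify` and `probe` and the 5-second timeout are assumptions made for this example.

```python
import errno
import socket

ACME_HOST = "acme-v02.api.letsencrypt.org"  # ACME endpoint named in the thread

# errno values meaning the local stack had no usable route or source address
_UNREACHABLE = (errno.ENETUNREACH, errno.EHOSTUNREACH, errno.EADDRNOTAVAIL)


def classify(exc):
    """Map a connect() failure to what it says about the network path."""
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "timeout"        # SYN sent, nothing came back: dropped or filtered
    if isinstance(exc, ConnectionRefusedError):
        return "refused"        # RST came back: host or firewall actively refused
    if isinstance(exc, OSError) and exc.errno in _UNREACHABLE:
        return "unreachable"    # failed locally before any packet was answered
    return "error"


def probe(host, port=443, family=socket.AF_INET, timeout=5.0):
    """TCP-connect to every address of one family; return (address, verdict) pairs."""
    try:
        infos = socket.getaddrinfo(host, port, family, socket.SOCK_STREAM)
    except socket.gaierror:
        return [(None, "no-address")]   # no A / AAAA record for this family
    results = []
    for fam, stype, proto, _, sockaddr in infos:
        try:
            with socket.socket(fam, stype, proto) as s:
                s.settimeout(timeout)
                s.connect(sockaddr)
            verdict = "connected"
        except OSError as exc:
            verdict = classify(exc)
        results.append((sockaddr[0], verdict))
    return results


if __name__ == "__main__":
    for label, fam in (("IPv4", socket.AF_INET), ("IPv6", socket.AF_INET6)):
        for addr, verdict in probe(ACME_HOST, family=fam):
            print(label, addr, verdict)
```

Running it on the affected machine shows, per family, whether the path to port 443 connects, times out, is refused, or fails locally.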
