Server accessible from browser but Timeout in certbot

Help
1

My domain is: febos.ddns.net

I ran this command:

sudo certbot certonly --webroot -w /mnt/NoChill/apache_server -d febos.ddn
s.net

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for febos.ddns.net

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: febos.ddns.net
  Type:   connection
  Detail: Fetching http://febos.ddns.net/.well-known/acme-challenge/qKqIBqJ0yYhY9Sv_7MJU3zD8dVfUZ8WJ6lDzF2VEUnI: Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is: Apache/2.4.41 (Ubuntu)

The operating system my web server runs on is: Kubuntu 20.04

I can login to a root shell on my machine (yes or no, or I don't know): The server runs on my laptop so this is unnecessary I guess (?)

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.18.0

As the title goes. I can access the server fine from my browser but certbot throws timeout.
I am positive that it's not my firewall because I have tried the url from my phone using cellular data. I even tried manual mode and accessed the exact same link from my phone without any trouble and yet certbot timeouts for some reason.
I also tried the --apache flag and the result is the same.
The hint is a bit misleading though. It shows the same hint even if I don't create the file - which suggests the server can't actually establish the connection in the first place. I have tried everything and out of options now. Please help!

[I will keep the server running for next few hours in case anyone want to check]

2

I'm not able to access your site from my laptop, and running an external test indicates it times out:

Are you 100% sure that your ISP does not block port 80? Is your phone's cellular data connection on the same ISP (even if different service) as your home connection?

1 Like
3

Yes, you are right, the port 80 does seem to be blocked indeed. It is strange why I could still access it from cellular data. As far as I knew, broadband ISPs and mobile operators use their own distinct network. It was very very unlikely that they were on the same network. Anyway, my bad. I tried with a different port and that seemed to work. By "work", I mean the server established a connection but failed noting that the port has to be either 80 or 443 but I used a different one. But at least it connected so now I know the problem. Thanks!

4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.