[SOLVED] CertBot ERR_CONNECTION_REFUSED

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: 164.132.207.108

I ran this command: I followed this tutorial : https://certbot.eff.org/lets-encrypt/debianjessie-nginx

It produced this output: http://prntscr.com/o4d0xt

My web server is (include version): nginx

The operating system my web server runs on is (include version): debian 8

My hosting provider, if applicable, is: OVH

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): don’t know : the command is not recognized

The problem is that since i followed this tutorial, my site (https://164.132.207.108/) is showing me an error when i want to connect to it, so i want make certbot work or just desinstall it.

Hi @PapiCapi

you can't create a Letsencrypt certificate with an ip address as "domain name".

A worldwide unique domain name is required.

Checked your ip address - https://check-your-website.server-daten.de/?q=164.132.207.108 - there is a domain name visible - moncube.fr.

Checking that domain there is the same content. So create a certificate with

certbot -d moncube.fr -d www.moncube.fr --nginx
1 Like

Ok, so I must first link my domain to my server. But now, i must use my website without the https so how can i desinstall / disable certbot ?

if your site does not work with https after trying out with certbot, and it worked before launching certbot, I’d say that the best option is to use your backup to restore the previous nginx configuration. Disabling or uninstalling certbot will not do anything to your nginx configuration.

That's not required. Change your DNS entry so you have an A record moncube.fr -> 164.132.207.108, then create a certificate.

Where can I change that ?

In your domain management.

dns13.ovh.net is one of your name servers.

Perhaps OVH has a management.

Yes OVH has a management, and it's quite easy to use. But I don't think it would be really useful, since dig moncube.fr and www.moncube.fr both work fine.

1 Like
  • smile - yep, you have already the correct dns entries. :grinning:

In fact, now, i just don't want to touch the domain name, i was just testing on another server.

I hadn't one so i just reinstalled nginx but i got the same problem : there is still the redirection with https

Your domain doesn't have a redirect http -> https ( https://check-your-website.server-daten.de/?q=moncube.fr ):

Domainname Http-Status redirect Sec. G
• http://moncube.fr/
164.132.205.61 200 9.094 H
• http://www.moncube.fr/
164.132.205.61 200 0.100 H
• https://moncube.fr/
164.132.205.61 -2 1.060 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 164.132.205.61:443
• https://www.moncube.fr/
164.132.205.61 -2 1.050 V
ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 164.132.205.61:443

Your browser may have cached the redirect -> it's impossible to check redirects with a browser. That's one reason such online tools are required -> new check, new clean start.

I’m talking about this one https://164.132.207.108/ :wink:

That’s not a domain name.

Well, yeah, but i tried to set it on this server (without domain name) so it couldn’t work, but now, i got a https redirection when i’m connecting to this site so i just can’t connect to it

there is no redirection on your site. None. When trying to connect with
wget https://moncube.fr
or
wget https://www.moncube.fr
there is only connection refused. When there is a redirect wget displays a 302 or 301 informative message.

So I think that you are simply missing the appropriate Server entries in your nginx configuration.
If you can share it with nginx -T maybe it could help to help you - I can’t believe these entries could have existed and you not having any config backup. I have a nginx.tar.gz on my personal workstation (that is backed up on external media). And I don’t even manage external users. Sigh.

Ok, i really don’t know how to explain myself, sorry …
In fact I have 2 servers : one with the domain name Moncube.fr and the other one without (164.132.207.108).
The problem is that on the server without the domain name, i tried to install certbot so it hadn’t worked. Now, on this server (164.132.207.108), i can’t connect to it because the redirection with https is redirecting to nothing so i just want to stop this redirection and go back to http

Oh good grief you could have begun your first post with that :slight_smile:
Yes wget 164.132.207.108 returns bad gateway.
does
sudo nginx -t
display some error ?

No :
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

The 164.132.207.108 is ok. You must check the “Bad gateway” that is reported.

What’s the address of the gateway?

164.132.207.254
(result of the command “ip route | grep default”)
default via 164.132.207.254 dev eth0