"Some challenges have failed"

A while ago I ran into some issues with Nginx Proxy Manager. Having to recreate my proxy host, I had to request a new SSL cert, but I have since then never gotten it to work. I have tried recreating my Docker container from scratch, but I still run into the same issue. Trying to request a Let's Encrypt SSL, I get an "Internal Error" message; requesting it from the SSL tab gives me the error "Some challenges have failed". I'm not super knowledgeable regarding proxy hosting or SSL requesting, but I've posted the Let's Encrypt logs, hoping to get some help or clarification on how to resolve this issue.

letsencrypt.txt (25.9 KB)

My domain is: request.nikraddin.com

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Welcome @Nikraddin

Problems with NPM are usually configuration errors with it. You might get best advice at the NPM support forum. Many of us are not fans of NPM because it is so difficult to debug.

That said, the key part of that log is this:

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: request.nikraddin.com
  Type:   connection
  Detail: 90.224.184.236: Fetching http://request.nikraddin.com/.well-known/acme-challenge/NOgpaOCnaEXtPRRYO_YCGgm0OPVO2YmzNb-tNK10Oq4: 
Timeout during connect (likely firewall problem)

Your domain name (server) cannot be reached using HTTP on port 80. Most often this is because you have some firewall blocking those requests. It could be just your faulty comms and/or port setup. Or even an ISP that is blocking that port (some residential ISPs do this).

You should start by checking your comms config and general system setup. The https://letsdebug.net site is a good one to test new setups. Right now that fails with this same error.

Or, use a mobile phone with wifi disabled so that you are using your carrier's public internet. Then use a browser to try to reach your domain. Right now that will fail with a timeout.

You need to get HTTP requests working before a cert request will succeed.

4 Likes
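The port 80 check described in the reply above, as an added example that is not part of the original thread: a small probe that requests a path under `/.well-known/acme-challenge/` over plain HTTP and reports whether the attempt fails at DNS, at connect (the "Timeout during connect" case in the log) or reaches a web server. The function name `probe_http01` and the probe token are constructed for illustration, and the result is only meaningful when the script runs from a host outside your own network.

```python
import http.client
import socket
import sys

# Constructed token: any path under the challenge directory takes the same route.
PROBE_PATH = "/.well-known/acme-challenge/reachability-probe"


def probe_http01(host, port=80, timeout=10.0):
    """Return (category, detail) for a plain-HTTP request to the challenge path.

    category is 'dns', 'timeout', 'refused', 'error' or 'http'.
    """
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        return "dns", f"cannot resolve {host}: {exc}"
    ip = infos[0][4][0]
    # Connect to the resolved address but send the real name in the Host header,
    # which is what a reverse proxy routes on.
    conn = http.client.HTTPConnection(ip, port, timeout=timeout)
    try:
        conn.request("GET", PROBE_PATH, headers={"Host": host})
        status = conn.getresponse().status
    except socket.timeout:
        return "timeout", f"{ip}: no answer on port {port} (filtered or not forwarded)"
    except ConnectionRefusedError:
        return "refused", f"{ip}: connection to port {port} was refused"
    except (OSError, http.client.HTTPException) as exc:
        return "error", f"{ip}: {exc}"
    finally:
        conn.close()
    # Even a 404 proves the request reached a web server; a connect timeout never gets here.
    return "http", f"{ip}: web server answered with status {status}"


if __name__ == "__main__":
    category, detail = probe_http01(sys.argv[1])
    print(f"{category}: {detail}")
    sys.exit(0 if category == "http" else 1)
```

A `timeout` result points at a firewall, a missing port forward or an ISP block in front of the server, while `http` with any status means port 80 is open and the remaining problem is in the proxy's handling of the challenge path.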
