My domain is: home.superversive.net
I ran this command: sudo certbot certonly
I have tried many different combinations of other options as well. I have an nginx webserver running on the machine. I also tried it where I turn that off and let it run the webserver itself. That is what I used to use and it worked well till this last time.
It produced this output:
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: home.superversive.net
Type: connection
Detail: 159.196.215.189: Fetching http://home.superversive.net/.well-known/acme-challenge/6bgzwSTgTsiMvAgDWa8wprx_xQ4j56AtNoYBGN_6kq8: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
My web server is (include version): nginx/1.18.0 (Ubuntu)
The operating system my web server runs on is (include version): Ubuntu 22.04.2 LTS
My hosting provider, if applicable, is: Self hosted
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):certbot 2.3.0
I have been trying for a while to get this to go and it wont. It used to work beautifully but I gather something has changed?
I used to run the following command after stopping nginx on the server
sudo certbot certonly --nginx -v --rsa-key-size 2048 --standalone --agree-tos --no-eff-email --email jwrennie@gmail.com -d home.superversive.net
And it would run happily, review, and the shell script would stop and then restart nginx.
There is an old configuration directory with the various files in it. I updated certbot to use the current snap version as recommended on the website after it broke.
I can definitely connect to the webserver on port 80 on home.superversive.net. I have it port forwarded through my router. I manually created the .well-known and acme-challenge folders and stuck index.html files in them that I can access from the web so the machine and the sub folders required do seem accessible. The webserver is running out of the default /var/www/html/ directory.
If I can manually get the challenge files and copy them I can if that would work. I'm really at a loss here.