Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/snarlgaming.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/snarlgaming.com/privkey.pem
Your certificate will expire on 2021-10-21. To obtain a new or
tweaked version of this certificate in the future, simply run
certbot again with the "certonly" option. To non-interactively
renew all of your certificates, run "certbot renew"
If you like Certbot, please consider supporting our work by:
The operating system my web server runs on is (include version): Ubuntu Server 21.04
My hosting provider, if applicable, is: localhost
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No - using SSH
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.12.0
I set up everything correctly and received the congratulations prompt but for some reason my site wont propagate the HTTPS so I ran a Lets Debug and received this error: ERROR A test authorization for snarlgaming.com to the Let's Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued. Fetching https://snarlgaming.com/.well-known/acme-challenge/TELHLjMWFy7q1nRdCKEMz5ljAATMBVSW9iGhaeIY1MA: Timeout during connect (likely firewall problem)
I am still pretty new at this so any help would be amazing ! thank you.
For HTTPS port 443 needs to be open. It seems to be closed now. This might be due to a firewall or perhaps a missing or incorrect NAT portmap if you're using a NAT router on your home connection and your site is also served from behind that NAT router.
ooooo I dont have port 443 open (I thought I did) I will try that now and let you know the results, I am using a NAT router but I have it set to open if that matters ? Thank you so much for your fast reply. should I set it to TCP or open for both TCP and UDP ?
the NAT type I have it set to open. I opened port 443/tcp do I need to restart ufw for the changes, if not, it didn't work. I am not so sure what you mean by the NAT portmap ? Ill google it and come back with results. again thank you so much! I've been having such a hard time trying to figure this out. I am used to using hosts where installing the SSL is a simple copy and paste lol
When you said your host was "localhost", I assumed you're hosting the site yourself, right? Not at a hosting provider actually called "Localhost"?
Yeah I am running it from a home server but my previous sites were all located at actual hosting companies like hostgator , Bluehost etc , thanks for the information! I do have the port forwarded to 80 am I able to make another instance where it forwards to 443 ? should it be both or can there only be one ?
Both need to be there, you also want to keep HTTP for a) future renewals of your certificate and b) users typing in your websites hostname without using "https://" in front of it.
I think I figured it out lmk if I am wrong. but I can add a custom service I set its service name to HTTPS , set the protocol to TCP; the external port range to 443; and then set the IP to my server 192.168.1.14 ?
That fixed it, the SSL is recognized but now my sites images aren't loading for some reason although they work fine with HTTP; I am sure that's for another forum though hahaha!! Best wishes!
That's often an issue indeed. We see this happening a lot with WordPress, where the sites URL in the admin needs to be changed from http://... to https://... at two places.
