Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command: certbot certonly -d domain.com -d www.domain.com (real domain name used)
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
How would you like to authenticate with the ACME CA?
1: Nginx Web Server plugin (nginx)
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)
Select the appropriate number [1-3] then [enter] (press βcβ to cancel): 2
Plugins selected: Authenticator standalone, Installer None
An unexpected error occurred:
Traceback (most recent call last):
File β/usr/lib/python3/dist-packages/urllib3/connectionpool.pyβ, line 601, in urlopen
chunked=chunked)
File β/usr/lib/python3/dist-packages/urllib3/connectionpool.pyβ, line 346, in _make_request
self._validate_conn(conn)
File β/usr/lib/python3/dist-packages/urllib3/connectionpool.pyβ, line 852, in validate_conn
conn.connect()
File β/usr/lib/python3/dist-packages/urllib3/connection.pyβ, line 326, in connect
ssl_context=context)
File "/usr/lib/python3/dist-packages/urllib3/util/ssl.py", line 332, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File β/usr/lib/python3.6/ssl.pyβ, line 407, in wrap_socket
_context=self, _session=session)
File β/usr/lib/python3.6/ssl.pyβ, line 817, in init
self.do_handshake()
File β/usr/lib/python3.6/ssl.pyβ, line 1077, in do_handshake
self._sslobj.do_handshake()
File β/usr/lib/python3.6/ssl.pyβ, line 689, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:847)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File β/usr/lib/python3/dist-packages/requests/adapters.pyβ, line 440, in send
timeout=timeout
File β/usr/lib/python3/dist-packages/urllib3/connectionpool.pyβ, line 639, in urlopen
_stacktrace=sys.exc_info()[2])
File β/usr/lib/python3/dist-packages/urllib3/util/retry.pyβ, line 398, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host=βacme-v02.api.letsencrypt.orgβ, port=443): Max retries exceeded with url: /directory (Caused by SSLError(SSLError(1, β[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:847)β),))
During handling of the above exception, another exception occurred:
requests.exceptions.SSLError: HTTPSConnectionPool(host=βacme-v02.api.letsencrypt.orgβ, port=443): Max retries exceeded with url: /directory (Caused by SSLError(SSLError(1, β[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:847)β),))
Please see the logfiles in /var/log/letsencrypt for more details.
root@lux:/var/log/letsencrypt#
My web server is (include version): Nginx - N/A for standalone, no?
The operating system my web server runs on is (include version): Ubuntu 18.04
My hosting provider, if applicable, is: N/A
I can login to a root shell on my machine (yes or no, or I donβt know): yes
Iβm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if youβre using Certbot): certbot 0.31.0