Struggling with ACME Challenge on a new .dev domain

My domain is: jariz.dev

I ran this command: sudo certbot --apache

It produced this output:
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for jariz.dev
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. jariz.dev (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://jariz.dev/.well-known/acme-challenge/-I-pDtRsX2w0GEQt_W3ldB9M0XvDAZikXzuHKaJCM3Y: Timeout during connect (likely firewall problem)

IMPORTANT NOTES:
The following errors were reported by the server:
Domain: jariz.dev
Type: connection
Detail: Fetching
http://jariz.dev/.well-known/acme-challenge/-I-pDtRsX2w0GEQt_W3ldB9M0XvDAZikXzuHKaJCM3Y:
Timeout during connect (likely firewall problem)

My web server is (include version): Apache/2.4.29

The operating system my web server runs on is (include version): Ubuntu 18.04

My hosting provider, if applicable, is: Me

I can login to a root shell on my machine (yes or no, or I don’t know): Yep

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Nope

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.31.0

I feel like a moron, but I’m stuck and could use help. Pretty sure it’s not my firewall, as I had a different server with a certbot-provided cert running with the same port configuration here not so long ago. The only thing I can think of is because I’m using the .dev TLD (I know, kind of silly, but it was on sale), but everything I’ve read says that shouldn’t be the case.

Ran this based on some of the other posts here: https://check-your-website.server-daten.de/?q=jariz.dev

And thank you in advance for any time spent writing me a response.

1 Like

Hi @DS501st

Reading your check-result: There is no port 80. Only timeouts, that can't work.

But your port 443 is a http port. Looks like a home server with a wrong port redirect

extern port 443 -> intern port 80.

A

extern port 80 -> intern port 80

is required, same (later) with port 443.

PS: The dev domain isn't relevant. First, it's a configuration problem.

1 Like
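The check described in the reply above (port 80 times out while port 443 answers as plain HTTP) can be reproduced with a small probe. This is an added example, not part of the original thread; the function names `probe` and `diagnose` are hypothetical and `example.com` is a placeholder host.

```python
import socket
import ssl

def probe(host, port, timeout=5.0):
    """Return 'timeout', 'refused', 'tls', 'plain-http' or 'other' for host:port."""
    def connect():
        return socket.create_connection((host, port), timeout=timeout)
    try:
        sock = connect()
    except socket.timeout:
        return "timeout"
    except OSError:
        return "refused"
    # Try TLS first: a TLS listener may answer a plain request with a
    # plain-text HTTP error, which would look like an HTTP port.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False          # only the protocol matters here,
    ctx.verify_mode = ssl.CERT_NONE     # not whether the certificate is valid
    try:
        with ctx.wrap_socket(sock, server_hostname=host):
            return "tls"
    except OSError:                     # ssl.SSLError and timeouts are OSErrors
        sock.close()
    try:
        with connect() as plain:
            plain.sendall(b"HEAD / HTTP/1.0\r\nHost: " + host.encode() + b"\r\n\r\n")
            return "plain-http" if plain.recv(16).startswith(b"HTTP/") else "other"
    except OSError:
        return "other"

def diagnose(results):
    """Map probe results {80: ..., 443: ...} to findings for an http-01 failure."""
    findings = []
    if results.get(80) in ("timeout", "refused"):
        findings.append("port 80 unreachable: http-01 validation cannot connect")
    if results.get(443) == "plain-http":
        findings.append("port 443 speaks plain HTTP: check for a forward "
                        "of external 443 to internal 80")
    return findings

if __name__ == "__main__":
    host = "example.com"   # placeholder; substitute the domain being validated
    results = {p: probe(host, p) for p in (80, 443)}
    print(results, *diagnose(results), sep="\n")
```

Run it from a machine outside the network being tested, since a probe from inside the LAN may not pass through the same port forwards or appliances as the validation request.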

Figured it out, I had an overzealous network appliance that I had forgotten about and that was causing issues.

Thanks

3 Likes
