Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: (lnx14,fww,kb-chgv,kb-it,kb-md).messe-duesseldorf.de
I ran this command: certbot certonly --dry-run --config /etc/letsencrypt/cli.ini --preferred-challenges http-01 --standalone --domain lnx14.messe-duesseldorf.de,fww.messe-duesseldorf.de,kb-chgv.messe-duesseldorf.de,kb-it.messe-duesseldorf.de,kb-md.messe-duesseldorf.de
Processing…
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Simulating a certificate request for lnx14.messe-duesseldorf.de and 4 more domains
The dry run was successful.
And afterwards: certbot certonly --config /etc/letsencrypt/cli.ini --preferred-challenges http-01 --standalone --domain lnx14.messe-duesseldorf.de,fww.messe-duesseldorf.de,kb-chgv.messe-duesseldorf.de,kb-it.messe-duesseldorf.de,kb-md.messe-duesseldorf.de
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for lnx14.messe-duesseldorf.de and 4 more domains
----------------------------------------
Exception occurred during processing of request from ('10.7.2.3', 52771)
Traceback (most recent call last):
File "/usr/lib64/python3.11/socketserver.py", line 317, in _handle_request_noblock
self.process_request(request, client_address)
File "/usr/lib64/python3.11/socketserver.py", line 348, in process_request
self.finish_request(request, client_address)
File "/usr/lib64/python3.11/socketserver.py", line 361, in finish_request
self.RequestHandlerClass(request, client_address, self)
File "/usr/lib/python3.11/site-packages/acme/standalone.py", line 237, in __init__
super().__init__(*args, **kwargs)
File "/usr/lib64/python3.11/socketserver.py", line 755, in __init__
self.handle()
File "/usr/lib/python3.11/site-packages/acme/standalone.py", line 262, in handle
BaseHTTPServer.BaseHTTPRequestHandler.handle(self)
File "/usr/lib64/python3.11/http/server.py", line 432, in handle
self.handle_one_request()
File "/usr/lib64/python3.11/http/server.py", line 420, in handle_one_request
method()
File "/usr/lib/python3.11/site-packages/acme/standalone.py", line 270, in do_GET
self.handle_404()
File "/usr/lib/python3.11/site-packages/acme/standalone.py", line 283, in handle_404
self.end_headers()
File "/usr/lib64/python3.11/http/server.py", line 534, in end_headers
self.flush_headers()
File "/usr/lib64/python3.11/http/server.py", line 538, in flush_headers
self.wfile.write(b"".join(self._headers_buffer))
File "/usr/lib64/python3.11/socketserver.py", line 834, in write
self._sock.sendall(b)
ConnectionResetError: [Errno 104] Connection reset by peer
----------------------------------------
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: kb-md.messe-duesseldorf.de
Type: connection
Detail: 194.9.88.92: Fetching http://kb-md.messe-duesseldorf.de/.well-known/acme-challenge/lSeXYhK6-Lp0InNID-IXR_ZfE9reGhg8E6XJOnfXHYs: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
My web server is (include version): certbot --standalone
The operating system my web server runs on is (include version): openSUSE Tumbleweed
My hosting provider, if applicable, is: on prem
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): certbot 1.31.0
All domains resolve successfully and other multi domain certs have successfully been issued, I'm completely unaware of python and its details and was not able to find something like a timeout value which could be increased. Any hint or help is more than welcome.