The Certificate Authority failed to download the challenge files from the temporary standalone webserver

Hello,
*My domain is: nmpi.hbpneuromorphic.eu
**I ran this command: certbot certonly -d nmpi.hbpneuromorphic.eu
I get this output
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: nmpi.hbpneuromorphic.eu
Type: connection
Detail: Fetching http://nmpi.hbpneuromorphic.eu/.well-known/acme-challenge/bD-UTFIjKPk8BVFAE5l5bsCJRArpFxPnkEJI9jdSRWA: Connection refused

Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.

I tested with let's Debug and the result :nmpi.hbpneuromorphic.eu using tls-alpn-01 was OK

But when testing with http-01:
nmpi.hbpneuromorphic.eu has an A (IPv4) record (148.187.149.91) but a request to this address over port 80 did not succeed. Your web server must have at least one working IPv4 or IPv6 address.

anybody can help me please

certbot does not support the tls-alpn-01 challenge, only http-01 or dns-01.

I'm also moving your thread to the #help section as this is, to me, not a feature request, but more asking for help.

thank you.
So, i was tested with dns-01 challenge it was ok. only troubleshooting with http-01.
Shall i asking for opening the port 80 for the domain?

As long als HTTPS (using port 443) is not the default protocol when people enter the hostname of your site in their browsers address bar, I would indeed recommend to open port 80. Also, using the http-01 challenge is usually much easier than the dns-01 challenge. Often the DNS challenge cannot be automated, while the http-01 challenge is easily automated.

See also: Best Practice - Keep Port 80 Open - Let's Encrypt

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.