The server could not connect to the client to verify the domain

I am getting this error when trying to generate a certificate using the default process.

Can anyone please help me in creating that certificate?

Difficult without a bit more information

The problem is, as stated in your title. The server couldn’t connect and verify the domain name.

Is the domain reachable by the general public? Can you give us the domain name? Can you give us the log or any more information from the script?

I am getting the error below

Failed authorization procedure. webtechnologycodes.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to host for DVSNI challenge, www.webtechnologycodes.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to host for DVSNI challenge

IMPORTANT NOTES:


It's on CloudFlare, so DVSNI challenge won't work.
See

Just a min, let me change my dns

I have changed my domain to my IP. Now it is not on Cloudflare.

Now when I tried again I am getting the same error.

Failed authorization procedure. webtechnologycodes.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to host for DVSNI challenge, www.webtechnologycodes.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to host for DVSNI challenge

IMPORTANT NOTES:

Now you should wait until DNS cache expires on the LE side. It still connects to CloudFlare.


OK, thanks. I will let you know when the cache expires.

You can search the forums for other solutions to cloudflare which may help.

Try https://developers.google.com/speed/public-dns/cache - LE uses Google DNS :smile:


[quote=“BregnedalSystems, post:11, topic:7365”]
Try https://developers.google.com/speed/public-dns/cache LE use google dns :smile:
[/quote]
You sure… I thought LE used Akamai’s DNS?

I did everything but I am always getting the same result. Cloudflare is disabled.

Failed authorization procedure. webtechnologycodes.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to host for DVSNI challenge, www.webtechnologycodes.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to host for DVSNI challenge

IMPORTANT NOTES:

Which command did you run? You wrote “trying to generate a certificate using default process” — but what’s that?
Is it e.g. ./letsencrypt-auto certonly --test-cert --standalone
or is it ./letsencrypt-auto --apache ...
or … not nginx?

I’m wondering if when the lets-encrypt server attempted to contact your server at www.webtechnologycodes.com, then your server wasn’t up and running, for some reason. Perhaps you had a firewall that blocked incoming traffic? Or perhaps there’s some other earlier letsencrypt error message that tells you that letsencrypt failed to (re)start the letsencrypt stuff on your own server? So there was nothing listening on port 443? port 80?

Apparently your server is up-and-running right now anyway on port 80.

(I’m a letsencrypt newbie; all this might be wrong)

I had this same error, and fixed it by replacing the top line in my apache config from

<VirtualHost mydomain.com>
to
<VirtualHost mydomain.com:80>

I’m having this issue as well. The solution posted by @px43 fixed the problem for my primary domain; however, this doesn’t seem to work for any subdomains I have set up.

Having the same error, but none of the above works:

The following question:

To repeat the certification with ./letsencrypt-auto --apache, can it be helpful to empty the directory /etc/letsencrypt/ ?

can it be helpful to empty the directory /etc/letsencrypt/ ?

Generally, no, that nearly always messes things up - and that also contains your existing certs, keys etc.

I tried a bunch of stuff before I realised that I had to port forward the port 443 to my server :smiley: Now it works like a charm!


I had a similar issue. In my case my domain *.mydomain.com was redirecting to https. I had to disable the SSL site and disable the http --> https redirect in my virtual host that served http. Then my domain verification worked and letsencrypt automatically enabled the SSL for my site when the cert was issued.
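
Added example, not part of the original thread: a Python helper that splits the "Failed authorization procedure" line quoted above into one record per name and checks whether the port that challenge type needs accepts TCP connections, which is the condition most of the fixes in this thread (DNS no longer pointing at a proxy, port 443 forwarded, firewall open) come down to. The function names are this example's own, and the challenge-to-port table (tls-sni-01 on 443, http-01 on 80) is supplied by the example, not by the thread.

```python
import re
import socket
import sys

# Inbound port the CA must reach for each challenge type. tls-sni-01 is the
# type in the thread's error; http-01 is included for comparison.
CHALLENGE_PORT = {"tls-sni-01": 443, "http-01": 80}

# One "<name> (<challenge>): <urn> :: <detail>" record; records are comma-separated.
FAILURE_RE = re.compile(
    r"(?P<host>[A-Za-z0-9.-]+) \((?P<challenge>[a-z0-9-]+)\): "
    r"(?P<urn>urn:acme:error:\w+) :: (?P<detail>.*?)(?=, [A-Za-z0-9.-]+ \(|$)",
    re.MULTILINE,
)

# Failure line as posted in the thread.
_RECORD = ("{} (tls-sni-01): urn:acme:error:connection :: The server could not "
           "connect to the client to verify the domain :: Failed to connect to "
           "host for DVSNI challenge")
SAMPLE = ("Failed authorization procedure. "
          + _RECORD.format("webtechnologycodes.com") + ", "
          + _RECORD.format("www.webtechnologycodes.com"))

def parse_failures(text):
    """Return one dict (host, challenge, urn, detail) per failed name."""
    return [m.groupdict() for m in FAILURE_RE.finditer(text)]

def port_open(host, port, timeout=3.0):
    """True if a TCP connection to host:port succeeds (DNS failure counts as closed)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def diagnose(text, probe=port_open):
    """Attach the required port and its reachability to each parsed failure."""
    results = []
    for rec in parse_failures(text):
        port = CHALLENGE_PORT.get(rec["challenge"])  # None: type not in the table
        rec["port"] = port
        rec["reachable"] = probe(rec["host"], port) if port else None
        results.append(rec)
    return results

if __name__ == "__main__":
    # Pipe the client's output in on stdin; each failed name prints as one line.
    for rec in diagnose(sys.stdin.read()):
        print(rec["host"], rec["challenge"], rec["port"], rec["reachable"])
```

Run it from a machine outside your own network: a probe from the server itself can succeed while NAT, a firewall or a proxy in front of the domain still blocks the CA.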