There is a server found at this domain but it returned an unexpected status code Invalid domain or IP

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: kein.go.ro

I ran this command: Add SSL Certificate from Nginx Proxy Server (docker)

It produced this output:

If I use the 'Test Server Reachability' option I get this: There is a server found at this domain but it returned an unexpected status code Invalid domain or IP. Is it the NPM server? Please make sure your domain points to the IP where your NPM instance is running.

If I just try and generate it I get this:

CommandError: Saving debug log to /tmp/letsencrypt-log/letsencrypt.log
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /tmp/letsencrypt-log/letsencrypt.log or re-run Certbot with -v for more details.

** at /app/lib/utils.js:16:13**
** at ChildProcess.exithandler (node:child_process:430:5)**
** at ChildProcess.emit (node:events:519:28)**
** at maybeClose (node:internal/child_process:1105:16)**
** at ChildProcess._handle.onexit (node:internal/child_process:305:5)**

My web server is (include version): NGINX_VERSION 1.27.0

The operating system my web server runs on is (include version): Ubuntu 23.10 (GNU/Linux 6.5.0-42-generic x86_64)

My hosting provider, if applicable, is: Digi.ro

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): I'm using the Nginx Proxy Manager web interface via docker compose.

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.10.0

So hello, I've had it running and it was working great, then I;ve followed some online tutorial that promised to provide me crowdsec bouncer on IPs. Long story short ended up here. I think given the circumstances that something is blocking access, either by port or otherwise. I've tried everyting, including reinstalling but no luck. Please help a guy out, I'll be good next time around and stick with things I understand I promise. P.S. I've included the letsencrypt_log.txt (23.8 KB). Cheers!

Hello @Kein

Thanks for including the log file. It showed an error during "Secondary validation" which usually indicates some sort of geographic based firewall. Let's Encrypt recently added additional non-USA based validation centers and some people blocked those.

But, it looks like your problem may have changed since then. From my own test server in the USA I am getting a "No route to host". And, the Let's Debug test site reports timeouts from its own server and from the Let's Encrypt staging system.

I think that is probably related to wrong port handling in your system and/or containers. Also make sure the IP in the public DNS is still assigned to you (81.18.95.218). And, probably try disabling that Bouncer firewall

This is a better question for the NPM support forum. NPM should be managing your config and the routing of HTTP traffic on your local system.

My own test server

curl -i http://kein.go.ro
curl: (7) Failed to connect to kein.go.ro port 80 after 668 ms: 
No route to host

And Let's Debug

Thank you for your reply. I've tried several combinations regarding the ports, including what has worked in the past and just the standard as 80:80 and 443:443. My ISP has a dynamic IP policy and that's why they provide a DNS for people having to deal with the matter. I will follow your recommendation and consult with the NPM forum. From what I've read online, my ISD has a tendency to block certain ports, I'll check with them as well. Thank you for your help.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.