Timeout-during-connect-likely-firewall-problem but link is enabled

JuanCotal · July 4, 2020, 2:20pm

Please fill out the fields below so we can help you better.
Thi is the link generated and is enabled:

http://abastible.giize.com/.well-known/acme-challenge/C-Pi5yLk-mWAQdYhb235xzAezU2k40sAaCSOoJNV5mk

https://abastible.giize.com/.well-known/acme-challenge/C-Pi5yLk-mWAQdYhb235xzAezU2k40sAaCSOoJNV5mk

Centos 7, apache, domain: abastible.giize.com
virtualhost configured:
<VirtualHost *:80>
ServerName abastible.giize.com
DirectoryIndex index.html
DocumentRoot /var/www/abastible.giize.com/html
ErrorLog /var/www/abastible.giize.com/log/error.log
CustomLog /var/www/abastible.giize.com/log/requests.log combined

Alias /.well-known/acme-challenge/ /var/www/abastible.giize.com/html/.well-known/acme-challenge/

<Directory /var/www/abastible.giize.com/html/.well-known/acme-challenge/>
AllowOverride None
Require all granted
Satisfy Any

<VirtualHost *:443>
ServerName abastible.giize.com
DirectoryIndex index.html
DocumentRoot /var/www/abastible.giize.com/html
ErrorLog /var/www/abastible.giize.com/log/error.log
CustomLog /var/www/abastible.giize.com/log/requests.log combined

    SSLEngine On
    SSLCertificateFile /etc/pki/tls/certs/ca.crt
    SSLCertificateKeyFile /etc/pki/tls/private/ca.key

Alias /.well-known/acme-challenge/ /var/www/abastible.giize.com/html/.well-known/acme-challenge/

<Directory /var/www/abastible.giize.com/html/.well-known/acme-challenge/>
AllowOverride None
Require all granted
Satisfy Any

<Directory “/var/www/abastible.giize.com/html/”>
DirectoryIndex index.html
Options FollowSymLinks
AllowOverride All
Require all granted
Allow from all

JuergenAuer · July 4, 2020, 2:35pm

Hi @JuanCotal

that link

isn't enabled. Not with my browser, not via https://check-your-website.server-daten.de/?q=abastible.giize.com%2F.well-known%2Facme-challenge%2FC-Pi5yLk-mWAQdYhb235xzAezU2k40sAaCSOoJNV5mk

So if you see the result, your http works internal.

But you have a blocking firewall or a wrong router configuration. So Letsencrypt can't check your port 80.

Ah, your port 443 is visible.

Domainname	Http-Status	redirect	Sec.	G
• http://abastible.giize.com/.well-known/acme-challenge/C-Pi5yLk-mWAQdYhb235xzAezU2k40sAaCSOoJNV5mk 181.43.157.70	-14		10.010	T
Timeout - The operation has timed out

• http://www.abastible.giize.com/.well-known/acme-challenge/C-Pi5yLk-mWAQdYhb235xzAezU2k40sAaCSOoJNV5mk 181.43.157.70	-14		10.023	T
Timeout - The operation has timed out

• https://abastible.giize.com/.well-known/acme-challenge/C-Pi5yLk-mWAQdYhb235xzAezU2k40sAaCSOoJNV5mk 181.43.157.70 Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0	200	Html is minified: 100,00 %	9.027	N
Certificate error: RemoteCertificateChainErrors
small visible content (num chars: 87)
C-Pi5yLk-mWAQdYhb235xzAezU2k40sAaCSOoJNV5mk.TuVEa6GNoWLrgemY4JFyBgLq9AtDUX0lWgJBC6h5ceQ

• https://www.abastible.giize.com/.well-known/acme-challenge/C-Pi5yLk-mWAQdYhb235xzAezU2k40sAaCSOoJNV5mk 181.43.157.70 Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0	404	Html is minified: 100,00 %	10.566	N
Not Found
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
small visible content (num chars: 129)
Not Found The requested URL /.well-known/acme-challenge/C-Pi5yLk-mWAQdYhb235xzAezU2k40sAaCSOoJNV5mk was not found on this server.

So triple-check why your port 80 doesn't work.

First Letsencrypt connects port 80, then a redirect to port 443 is possible.

If it's a home server, check if your ISP allows or blocks port 80.

JuanCotal · July 4, 2020, 4:37pm

Thank you, It’s work, the issue was the firewall, that block traffic for some public network.

Regards
Juan Cotal

system · August 3, 2020, 4:37pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.