Timeout during connect (likely firewall problem, but there is no specific error that it is)

What next I have to check and how?

https://crt.sh/?q=darzeliai.panevezys.lt
https://crt.sh/?q=www.darzeliai.panevezys.lt

$ sudo ufw status
status: inactive

sudo iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

apachectl -t -D DUMP_VHOSTS
VirtualHost configuration:
*:80 darzeliai.SSG5-Serial (/etc/apache2/sites-enabled/000-default.conf:1)
*:8080 darzeliai.SSG5-Serial (/etc/apache2/sites-enabled/000-default.conf:30)
*:443 darzeliai.SSG5-Serial (/etc/apache2/sites-enabled/000-default.conf:59)

sudo ss -tlnp | grep -E “(apache|httpd)”
LISTEN 0 128 :::8080 :::* users:((“apache2”,16747,6),(“apache2”,16700,6),(“apache2”,16686,6),(“apache2”,16683,6),(“apache2”,16652,6),(“apache2”,16651,6),(“apache2”,16645,6),(“apache2”,16644,6),(“apache2”,16643,6),(“apache2”,16641,6),(“apache2”,1077,6))
LISTEN 0 128 :::80 :::* users:((“apache2”,16747,4),(“apache2”,16700,4),(“apache2”,16686,4),(“apache2”,16683,4),(“apache2”,16652,4),(“apache2”,16651,4),(“apache2”,16645,4),(“apache2”,16644,4),(“apache2”,16643,4),(“apache2”,16641,4),(“apache2”,1077,4))
LISTEN 0 128 :::443 :::* users:((“apache2”,16747,8),(“apache2”,16700,8),(“apache2”,16686,8),(“apache2”,16683,8),(“apache2”,16652,8),(“apache2”,16651,8),(“apache2”,16645,8),(“apache2”,16644,8),(“apache2”,16643,8),(“apache2”,16641,8),(“apache2”,1077,8))

My domain is:
darzeliai.panevezys.lt
www.darzeliai.panevezys.lt

I ran this command:
sudo /home/user/local/certbot-auto renew

It produced this output:
/home/user/local/certbot-auto has insecure permissions!
To learn how to fix them, visit Certbot-auto deployment best practices
/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/cryptography/hazmat/primitives/constant_time.py:26: CryptographyDeprecationWarning: Support for your Python version is deprecated. The next version of cryptography will remove support. Please upgrade to a release (2.7.7+) that supports hmac.compare_digest as soon as possible.
utils.PersistentlyDeprecated2018,
Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /etc/letsencrypt/renewal/www.darzeliai.panevezys.lt.conf


Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for darzeliai.panevezys.lt
http-01 challenge for www.darzeliai.panevezys.lt
Waiting for verification…
^[[A^[[A^[[AChallenge failed for domain darzeliai.panevezys.lt
Challenge failed for domain www.darzeliai.panevezys.lt
http-01 challenge for darzeliai.panevezys.lt
http-01 challenge for www.darzeliai.panevezys.lt
Cleaning up challenges
Attempting to renew cert (www.darzeliai.panevezys.lt) from /etc/letsencrypt/renewal/www.darzeliai.panevezys.lt.conf produced an unexpected error: Some challenges have failed… Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.darzeliai.panevezys.lt/fullchain.pem (failure)


All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www.darzeliai.panevezys.lt/fullchain.pem (failure)


1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:

My web server is (include version):
Apache/2.4.7

The operating system my web server runs on is (include version):
Ubuntu 14.04.5 LTS

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
/home/user/local/certbot-auto has insecure permissions!
To learn how to fix them, visit Certbot-auto deployment best practices
/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/cryptography/hazmat/primitives/constant_time.py:26: CryptographyDeprecationWarning: Support for your Python version is deprecated. The next version of cryptography will remove support. Please upgrade to a release (2.7.7+) that supports hmac.compare_digest as soon as possible.
utils.PersistentlyDeprecated2018,
certbot 1.3.0

1 Like

for some strange reason I can’t connect to your server on ports 80 and 8080. (443 works)

can you?

2 Likes

How to delete this topic as I got message “You don’t have permission to delete this topic. If you really want it to be deleted, submit a flag for moderator attention together with reasoning.”?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.