Using standalone authenticator with explicit address and apache installer
2021-03-31 09:26:53,917:DEBUG:certbot.main:certbot version: 0.31.0
2021-03-31 09:26:53,924:DEBUG:certbot.main:Arguments: ['--standalone', '--agree-tos', '--http-01-address', '192.168.1.146', '--http-01-port', '80']
2021-03-31 09:26:53,928:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2021-03-31 09:26:53,989:DEBUG:certbot.log:Root logging level set at 20
2021-03-31 09:26:53,995:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2021-03-31 09:26:54,054:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer <certbot.cli._Default object at 0xb45d028c>
2021-03-31 09:26:54,055:DEBUG:certbot.cli:Var authenticator=standalone (set by user).
2021-03-31 09:26:54,125:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2021-04-18 04:25:55 UTC.
2021-03-31 09:26:54,126:INFO:certbot.renewal:Cert is due for renewal, auto-renewing...
2021-03-31 09:26:54,127:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer apache
2021-03-31 09:26:54,725:DEBUG:certbot_apache.configurator:Apache version is 2.4.29
2021-03-31 09:27:01,782:DEBUG:certbot.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: apache = certbot_apache.entrypoint:ENTRYPOINT
Initialized: <certbot_apache.override_debian.DebianConfigurator object at 0xb456de0c>
Prep: True
2021-03-31 09:27:05,064:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone
Description: Spin up a temporary webserver
Interfaces: IAuthenticator, IPlugin
Entry point: standalone = certbot.plugins.standalone:Authenticator
Initialized: <certbot.plugins.standalone.Authenticator object at 0xb456d38c>
Prep: True
2021-03-31 09:27:05,066:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.standalone.Authenticator object at 0xb456d38c> and installer <certbot_apache.override_debian.DebianConfigurator object at 0xb456de0c>
2021-03-31 09:27:05,067:INFO:certbot.plugins.selection:Plugins selected: Authenticator standalone, Installer apache
2021-03-31 09:27:05,090:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/71984299', new_authzr_uri=None, terms_of_service=None), 11588215928fdd8186b0af7bb68c03c2, Meta(creation_dt=datetime.datetime(2019, 11, 17, 23, 42, 15, tzinfo=<UTC>), creation_host='samsung'))>
2021-03-31 09:27:05,098:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2021-03-31 09:27:05,110:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
2021-03-31 09:27:06,024:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2021-03-31 09:27:06,029:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 30 Mar 2021 22:57:05 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"0hY9yfU1O9g": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2021-03-31 09:27:06,032:INFO:certbot.main:Renewing an existing certificate
2021-03-31 09:27:08,392:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0056_key-certbot.pem
2021-03-31 09:27:08,459:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0056_csr-certbot.pem
2021-03-31 09:27:08,462:DEBUG:acme.client:Requesting fresh nonce
2021-03-31 09:27:08,463:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2021-03-31 09:27:08,685:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2021-03-31 09:27:08,689:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 30 Mar 2021 22:57:08 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0103NAngs9y63uuKGqZrk2emIRmT8ssWIPzxMuRPJV6avas
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2021-03-31 09:27:08,691:DEBUG:acme.client:Storing nonce: 0103NAngs9y63uuKGqZrk2emIRmT8ssWIPzxMuRPJV6avas
2021-03-31 09:27:08,694:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "example.com"\n },\n {\n "type": "dns",\n "value": "www.example.com"\n }\n ]\n}'
2021-03-31 09:27:08,757:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzE5ODQyOTkiLCAibm9uY2UiOiAiMDEwM05BbmdzOXk2M3V1S0dxWnJrMmVtSVJtVDhzc1dJUHp4TXVSUEpWNmF2YXMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9",
"signature": "PJ1lnt1u84zpz-J5sGMtMWF5TGmB5J-pGU8b7jSnHuSLnMbp0LY_vzNVfTnBtt7uJYCsEOnO_yLHncmbUGcuFVQKR4yvgAuRf90JVCTdZTMPSmVXHAF769T7-zc2e4tbzJqYzFCCWzGE7XPj-YPY7a99FT0EW83Ktz4zqg_JCvq4RLceGb_q_K81btc0NabubU3TuhKU8RGj6krwfaO6-9Mr9nKE7F_Ows1A6m3yXPz4i9gvZXFIVgTnGD_MjEy1H0AavQpQ7-4PQ8Gz1jZv-oWMXJqTh7ClOp-Wy-HlBVXvIcp6OcAIr7fjpN4p-FfZn3l__AD71GGvMLgJuhtGwQ",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInNhbmRidXJuZXIubmV0IgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInd3dy5zYW5kYnVybmVyLm5ldCIKICAgIH0KICBdCn0"
}
2021-03-31 09:27:09,090:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 475
2021-03-31 09:27:09,095:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Tue, 30 Mar 2021 22:57:08 GMT
Content-Type: application/json
Content-Length: 475
Connection: keep-alive
Boulder-Requester: 71984299
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/71984299/8768469860
Replay-Nonce: 010418GyNyUAk33oTJZQ8o3bofrIC8xMwnrlvR0JxoIyahU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2021-04-06T22:53:04Z",
"identifiers": [
{
"type": "dns",
"value": "example.com"
},
{
"type": "dns",
"value": "www.example.com"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/11965482468",
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/11965482481"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/71984299/8768469860"
}
2021-03-31 09:27:09,097:DEBUG:acme.client:Storing nonce: 010418GyNyUAk33oTJZQ8o3bofrIC8xMwnrlvR0JxoIyahU
2021-03-31 09:27:09,099:DEBUG:acme.client:JWS payload:
b''
2021-03-31 09:27:09,155:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/11965482468:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzE5ODQyOTkiLCAibm9uY2UiOiAiMDEwNDE4R3lOeVVBazMzb1RKWlE4bzNib2ZySUM4eE13bnJsdlIwSnhvSXlhaFUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzExOTY1NDgyNDY4In0",
"signature": "bFKs3WDmjzKc8vU21W5PawaVtDyVgHak7E_Vg9ENUSt9DgvDU1KjM1fwVyr3CAj7jog_XGd7RVXvfrDCqZWER_-FargMzgIbKcj-IH5wopVjHLtBwHF0_DyzzVxh7Gqt5_jNb4432gNXA9XjkARmjC2qpNLtNp4pSa5gLA5R_isHZjnBwTfr57RVCAvUyqR4I_EGFqFg2_xca_MXiGXI2IYZcjlfwqDmg8N4Yn9bh7859jQNurb8wR4TlSgx0jsVatUqjYwRUH-pkQfQBLSF-MqPsClQg08UCK1cbPwGbAU79L7jqaKcdwRucbNIT_LLWapJ1Qw_fu7R5cu2dzGMOA",
"payload": ""
}
2021-03-31 09:27:09,411:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/11965482468 HTTP/1.1" 200 795
2021-03-31 09:27:09,416:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 30 Mar 2021 22:57:09 GMT
Content-Type: application/json
Content-Length: 795
Connection: keep-alive
Boulder-Requester: 71984299
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0104e1ewjugNUQoblCjV8GVPzzdWne0y1IX6FTf6AEXdV70
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "example.com"
},
"status": "pending",
"expires": "2021-04-06T22:53:04Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482468/nz2-Mw",
"token": "VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482468/dYF_ng",
"token": "VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482468/NXk5Vg",
"token": "VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0"
}
]
}
2021-03-31 09:27:09,418:DEBUG:acme.client:Storing nonce: 0104e1ewjugNUQoblCjV8GVPzzdWne0y1IX6FTf6AEXdV70
2021-03-31 09:27:09,420:DEBUG:acme.client:JWS payload:
b''
2021-03-31 09:27:09,476:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/11965482481:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzE5ODQyOTkiLCAibm9uY2UiOiAiMDEwNGUxZXdqdWdOVVFvYmxDalY4R1ZQenpkV25lMHkxSVg2RlRmNkFFWGRWNzAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzExOTY1NDgyNDgxIn0",
"signature": "o6jHEDlJh9JWWnUM8f1s3g5XXC2BSpKKTwrxWEMqHQhapj6pM27nsWIEz0SwSU5j4Ovcx_cSCfB8-F4RgR3GBCxMTMywFimJnRRF7UcaeTi-T1jUMw3mdsPWq0iZZKGhxCFBrGRUP3FPnWtZbtplFIK3J-nUnMQ2ddAjBItonLs5cKIrfyRNewPQtZnaiWvV-CERdUQ8EdGbR8IAtNmJQ4rsVHmIYPaHCx-5nVo4M_1icLgJw4FJVD2jOu6ZbpCVaqMXEbYIslI0BN8AZ64tZKpj9k_aRevftT9dfuowHTVf7cP6Sx0MmEVF50V-ZkBoRcY7axQIsp3PSEuwZa-mvw",
"payload": ""
}
2021-03-31 09:27:09,735:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/11965482481 HTTP/1.1" 200 799
2021-03-31 09:27:09,740:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 30 Mar 2021 22:57:09 GMT
Content-Type: application/json
Content-Length: 799
Connection: keep-alive
Boulder-Requester: 71984299
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 01035vdTX8poIj-AYll-RNPVCql0_fLHPw0wIl0oWoPBoGQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "www.example.com"
},
"status": "pending",
"expires": "2021-04-06T22:53:04Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482481/m413SA",
"token": "k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482481/4jj5QA",
"token": "k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482481/0mSLmA",
"token": "k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA"
}
]
}
2021-03-31 09:27:09,741:DEBUG:acme.client:Storing nonce: 01035vdTX8poIj-AYll-RNPVCql0_fLHPw0wIl0oWoPBoGQ
2021-03-31 09:27:09,746:INFO:certbot.auth_handler:Performing the following challenges:
2021-03-31 09:27:09,747:INFO:certbot.auth_handler:http-01 challenge for example.com
2021-03-31 09:27:09,748:INFO:certbot.auth_handler:http-01 challenge for www.example.com
2021-03-31 09:27:09,751:DEBUG:acme.standalone:Failed to bind to 192.168.1.146:80 using IPv6
2021-03-31 09:27:09,756:DEBUG:acme.standalone:Successfully bound to 192.168.1.146:80 using IPv4
2021-03-31 09:27:09,809:INFO:certbot.auth_handler:Waiting for verification...
2021-03-31 09:27:09,811:DEBUG:acme.client:JWS payload:
b'{\n "resource": "challenge",\n "type": "http-01"\n}'
2021-03-31 09:27:09,870:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482468/nz2-Mw:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzE5ODQyOTkiLCAibm9uY2UiOiAiMDEwMzV2ZFRYOHBvSWotQVlsbC1STlBWQ3FsMF9mTEhQdzB3SWwwb1dvUEJvR1EiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzExOTY1NDgyNDY4L256Mi1NdyJ9",
"signature": "HlZMnXPahihR0jjScaQhO7KSjGLR72GEKM77Vr4XZDtg6_pgFebcsbG3HQd07twLyV4ZnB5AcGn8cwTtEszSNQFD6vj-ZjlZVAESxCmbHwpXNY_EVsaembZMNXlBQIseKYlwcHNaiIl31nFAJNp2bs_LSauz-ACJ3PbauogDzg4xQlf4eCnU9QHPSgqq3SFSDDYTfuw90Jbjrn36XfykSzDlGqzeFplvEtqp6RCoGw8ecw3xHR6a_CmkWrLKS3lgi_wchNqkOMu0hRxhpvGsKu-6PCZYrSGYhNmrcm1vyqKwzHDHhLpSmyFDcFxTY1AEa_8nrtrZlGAJoDKzbZgDPQ",
"payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0"
}
2021-03-31 09:27:10,140:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/11965482468/nz2-Mw HTTP/1.1" 200 186
2021-03-31 09:27:10,145:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 30 Mar 2021 22:57:10 GMT
Content-Type: application/json
Content-Length: 186
Connection: keep-alive
Boulder-Requester: 71984299
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/11965482468>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482468/nz2-Mw
Replay-Nonce: 0103QCW4fPCYMyM_JtFqGBYm8_Ekpnt0VK0e47cbPajQHdM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482468/nz2-Mw",
"token": "VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0"
}
2021-03-31 09:27:10,147:DEBUG:acme.client:Storing nonce: 0103QCW4fPCYMyM_JtFqGBYm8_Ekpnt0VK0e47cbPajQHdM
2021-03-31 09:27:10,151:DEBUG:acme.client:JWS payload:
b'{\n "resource": "challenge",\n "type": "http-01"\n}'
2021-03-31 09:27:10,206:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482481/m413SA:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzE5ODQyOTkiLCAibm9uY2UiOiAiMDEwM1FDVzRmUENZTXlNX0p0RnFHQlltOF9Fa3BudDBWSzBlNDdjYlBhalFIZE0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzExOTY1NDgyNDgxL200MTNTQSJ9",
"signature": "YwN88YrQzoPivv6kwxIakJfs-c-RFMDnm3UCxuPrUJUWVS6zmAbgP8A_Bi1jMaZj1e-USRkMBLgo3lIMi97gEiH9jo2UVmnw3TsHIQU4R79zOiAN1-vYYWCFfbXl6qqbFtKCVH8pE3XRgue9UC3nPY-oGtnH08A9fs7CulLjiqU1vvA8ud513zt0zD-zGtLNocx24cx62VK4H39Qm-yzsVeKJA8M_SKZcGjl5iqdY9hO4cCnbeBnBlepfdamo_owBHsarzfHRD_E3pRpChWj-SR3wt2YyTNsSuuOthvKOOa8XOH6m7FCLDZEMB8wOe4EAs_vGfRONCuTt0GRup4JAg",
"payload": "ewogICJyZXNvdXJjZSI6ICJjaGFsbGVuZ2UiLAogICJ0eXBlIjogImh0dHAtMDEiCn0"
}
2021-03-31 09:27:10,478:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/11965482481/m413SA HTTP/1.1" 200 186
2021-03-31 09:27:10,483:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 30 Mar 2021 22:57:10 GMT
Content-Type: application/json
Content-Length: 186
Connection: keep-alive
Boulder-Requester: 71984299
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/11965482481>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482481/m413SA
Replay-Nonce: 0104oD2KhAnA3sSeSas25ojrXJXAZ7u__C7JEK_F-lLBS2o
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482481/m413SA",
"token": "k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA"
}
2021-03-31 09:27:10,484:DEBUG:acme.client:Storing nonce: 0104oD2KhAnA3sSeSas25ojrXJXAZ7u__C7JEK_F-lLBS2o
2021-03-31 09:27:10,564:DEBUG:acme.standalone:52.28.236.88 - - Incoming request
2021-03-31 09:27:10,568:DEBUG:acme.standalone:52.28.236.88 - - Serving HTTP01 with token 'VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0'
2021-03-31 09:27:10,569:DEBUG:acme.standalone:52.28.236.88 - - "GET /.well-known/acme-challenge/VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0 HTTP/1.1" 200 -
2021-03-31 09:27:10,879:DEBUG:acme.standalone:3.128.26.105 - - Incoming request
2021-03-31 09:27:10,882:DEBUG:acme.standalone:3.128.26.105 - - Serving HTTP01 with token 'VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0'
2021-03-31 09:27:10,883:DEBUG:acme.standalone:3.128.26.105 - - "GET /.well-known/acme-challenge/VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0 HTTP/1.1" 200 -
2021-03-31 09:27:10,927:DEBUG:acme.standalone:3.22.70.135 - - Incoming request
2021-03-31 09:27:10,930:DEBUG:acme.standalone:3.22.70.135 - - Serving HTTP01 with token 'k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA'
2021-03-31 09:27:10,931:DEBUG:acme.standalone:3.22.70.135 - - "GET /.well-known/acme-challenge/k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA HTTP/1.1" 200 -
2021-03-31 09:27:13,490:DEBUG:acme.client:JWS payload:
b''
2021-03-31 09:27:13,552:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/11965482468:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzE5ODQyOTkiLCAibm9uY2UiOiAiMDEwNG9EMktoQW5BM3NTZVNhczI1b2pyWEpYQVo3dV9fQzdKRUtfRi1sTEJTMm8iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzExOTY1NDgyNDY4In0",
"signature": "NetiKU7ZcdIJA_cC4NCEuqBClL0V_g5GI3etLgeqyhH-w0F0apMb_lnb2fpXkMcgCoOD5bhSZe_R-YNcS4DPGlk4HDjWkf2WmVu8sP1HHu0d_S88IZqO-Te9BEr84B7pdVIJZ6AlJk5ZjSMaZ4xKyqtelkAaW3_AXxzgwMimkSyhxdYx3k1lIJ_wE4XbsBze3E9tJzrUqaU8pMHQKA1C1G6JFtNOs_Xx5l46sdL402KGsMBiriG8G1Q0kG4mtRt4sTIkC5acosizeZHJfShLOkYnQU8oEzKTWzlCbpfcgT1R7vK4Sv6dzAHMdb-s7LnQLxRQO7BbnE5329Dy6lbqiQ",
"payload": ""
}
2021-03-31 09:27:13,803:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/11965482468 HTTP/1.1" 200 795
2021-03-31 09:27:13,807:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 30 Mar 2021 22:57:13 GMT
Content-Type: application/json
Content-Length: 795
Connection: keep-alive
Boulder-Requester: 71984299
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0104__QAeFFSK_OVk1HZu1JP-rPyY75zj6E9FGEpPcP9AnI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "example.com"
},
"status": "pending",
"expires": "2021-04-06T22:53:04Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482468/nz2-Mw",
"token": "VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482468/dYF_ng",
"token": "VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482468/NXk5Vg",
"token": "VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0"
}
]
}
2021-03-31 09:27:13,809:DEBUG:acme.client:Storing nonce: 0104__QAeFFSK_OVk1HZu1JP-rPyY75zj6E9FGEpPcP9AnI
2021-03-31 09:27:13,814:DEBUG:acme.client:JWS payload:
b''
2021-03-31 09:27:13,869:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/11965482481:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzE5ODQyOTkiLCAibm9uY2UiOiAiMDEwNF9fUUFlRkZTS19PVmsxSFp1MUpQLXJQeVk3NXpqNkU5RkdFcFBjUDlBbkkiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzExOTY1NDgyNDgxIn0",
"signature": "D8t2h-Ztcj_Xtb-CAt6gOOYC6HWb-XmPjfX1_m4OWWf1iSIGn0O6akOAZ6iOCCW-SR7j1puCDT_ho26bwVi39GRG_bXgOhgUvPLuMtxJ9dXHHhxuuKSmNBKB2aa5wZ1THB9xKB_dKx8Z8IW-UZREuapA7qtYPyFXA-8ElpZPsKQy2O4vRXS_8PmmtNDRjhIfDROK1IwVDXXEpT3nRD29yopntbsdz8E9xHShdJD0fXcYqhX4jQFTRvar-ZlsEOOqoGLkUs12MOM6YJ6GRjTy1CUH4gTz-9YYgh_-nlqrpwcfCoYJvRln6NTyv5QmW6DkUr7s8OEsi0lhpgzHGadxZQ",
"payload": ""
}
2021-03-31 09:27:14,122:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/11965482481 HTTP/1.1" 200 799
2021-03-31 09:27:14,126:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 30 Mar 2021 22:57:14 GMT
Content-Type: application/json
Content-Length: 799
Connection: keep-alive
Boulder-Requester: 71984299
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0103p1KBVa4Aa9ZBKrf8_QBuF3NX1XM85vJhudhUv25r0iM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "www.example.com"
},
"status": "pending",
"expires": "2021-04-06T22:53:04Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482481/m413SA",
"token": "k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482481/4jj5QA",
"token": "k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482481/0mSLmA",
"token": "k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA"
}
]
}
2021-03-31 09:27:14,128:DEBUG:acme.client:Storing nonce: 0103p1KBVa4Aa9ZBKrf8_QBuF3NX1XM85vJhudhUv25r0iM
2021-03-31 09:27:17,136:DEBUG:acme.client:JWS payload:
b''
2021-03-31 09:27:17,198:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/11965482468:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzE5ODQyOTkiLCAibm9uY2UiOiAiMDEwM3AxS0JWYTRBYTlaQktyZjhfUUJ1RjNOWDFYTTg1dkpodWRoVXYyNXIwaU0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzExOTY1NDgyNDY4In0",
"signature": "bVy4MdsGuDam5o5eyApcXThJoLPhXVBMB1U_YkfqoMIahSwCmXoZHflF3Oon9c_iUQs63Ivh2Lut2fsbt9ZJTbZCCokMtqiUntThc5iPaqI_ZSc7zxB42_kUhxXi4pZQPcAJveXFQ0Lzqni2XOuaJKRqUCiJClvNjzU_r0E-H9OVgwhGWlof0CdsTkGBmTdgCdustP-RhFxrGVnKVidAk3Yb2KXgM9vrv8MGWAyHFISw8KmKyWUTyzW9Cw4mDQQYmGxWfgjTHJ29w2P2-u90OCRwqm-ND0LAi5UtFWQH_Ykucrh9r0iHOHjM2Q5npnWDmdRTMBDhahzcBNosHaEv9Q",
"payload": ""
}
2021-03-31 09:27:17,454:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/11965482468 HTTP/1.1" 200 795
2021-03-31 09:27:17,457:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 30 Mar 2021 22:57:17 GMT
Content-Type: application/json
Content-Length: 795
Connection: keep-alive
Boulder-Requester: 71984299
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0104vOaZx-Aaf4YVPW9qProqTDEikiWh3wW9seoBMDRkyGo
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "example.com"
},
"status": "pending",
"expires": "2021-04-06T22:53:04Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482468/nz2-Mw",
"token": "VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482468/dYF_ng",
"token": "VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482468/NXk5Vg",
"token": "VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0"
}
]
}
2021-03-31 09:27:17,459:DEBUG:acme.client:Storing nonce: 0104vOaZx-Aaf4YVPW9qProqTDEikiWh3wW9seoBMDRkyGo
2021-03-31 09:27:17,462:DEBUG:acme.client:JWS payload:
b''
2021-03-31 09:27:17,519:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/11965482481:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzE5ODQyOTkiLCAibm9uY2UiOiAiMDEwNHZPYVp4LUFhZjRZVlBXOXFQcm9xVERFaWtpV2gzd1c5c2VvQk1EUmt5R28iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzExOTY1NDgyNDgxIn0",
"signature": "UgJxwIZJGUnU02p7jaUW2Euz-9hx7UgcmHjihr4Gx9tL2KiiwujEw_ItUmSjBqjhKLqN3gbA37Z0SuBZYSo7USIWq-Ixs83Wthw6d32avUdD38LeOdK-L0C41AzjTQpJRpYwU0a3Citr0IsgMUodknN-dy0A2Y6leCDPpmp5xLTefcXFQHG5CqNe30MbTSrq69xz-K_wBlwogcjOI_A2OETTsbLeaAfpoVKTfkeO2o48fCwJmZ3MdqZRUjm2Jw2sPgiviwHrb-slFIOyXYlB9SjogvVHdfqh9GGJJdRMcldruUnWJe-Ni23E1NTXvRlsfTE0mrqsjVocfapSE0KtHQ",
"payload": ""
}
2021-03-31 09:27:17,777:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/11965482481 HTTP/1.1" 200 799
2021-03-31 09:27:17,781:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 30 Mar 2021 22:57:17 GMT
Content-Type: application/json
Content-Length: 799
Connection: keep-alive
Boulder-Requester: 71984299
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 01048Brama3c7V9sGYwX13w9G11-Z73pCdvHPpYpwRZuBl4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "www.example.com"
},
"status": "pending",
"expires": "2021-04-06T22:53:04Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482481/m413SA",
"token": "k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482481/4jj5QA",
"token": "k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482481/0mSLmA",
"token": "k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA"
}
]
}
2021-03-31 09:27:17,783:DEBUG:acme.client:Storing nonce: 01048Brama3c7V9sGYwX13w9G11-Z73pCdvHPpYpwRZuBl4
2021-03-31 09:27:20,791:DEBUG:acme.client:JWS payload:
b''
2021-03-31 09:27:20,851:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/11965482468:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzE5ODQyOTkiLCAibm9uY2UiOiAiMDEwNDhCcmFtYTNjN1Y5c0dZd1gxM3c5RzExLVo3M3BDZHZIUHBZcHdSWnVCbDQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzExOTY1NDgyNDY4In0",
"signature": "i10isxYMS8R7cgUn3a8QcNm1AvOjNag669oQEc5GmWjPW6-Rl8_b5-mGDrXadTT8szuynvgAQhYQvIbFpkhqbdevEpFGfKO0cEQuR2JcBgPU3zV2Fz-k_pWUEqCINO0PZ8ZMnRSGs518KkuowJQrE7f7A0JKT0gKDKPdeXR1TRF9sXvXcOyM07jHYrqRmNm3kOJVvnhb8p69vuZROxczBQ6Et_vJj65wP8a3wCfO-mMUMSiXSI1XJIa3bJUG0DN3ZFavWLhBeXkFPHi2KFCkxBuDUOVZA9IGhybi6kuIWSiADByLBJjssMU5KqxHUBG6A_emKOgi4DzM_foposy-MA",
"payload": ""
}
2021-03-31 09:27:21,104:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/11965482468 HTTP/1.1" 200 1036
2021-03-31 09:27:21,108:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 30 Mar 2021 22:57:21 GMT
Content-Type: application/json
Content-Length: 1036
Connection: keep-alive
Boulder-Requester: 71984299
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0103WsMBODfJ3TnKFAwfjnit9v9GxXOoG_8O0YN1RcHXdFM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "example.com"
},
"status": "invalid",
"expires": "2021-04-06T22:53:04Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:connection",
"detail": "Fetching http://example.com/.well-known/acme-challenge/VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0: Timeout during connect (likely firewall problem)",
"status": 400
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482468/nz2-Mw",
"token": "VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0",
"validationRecord": [
{
"url": "http://example.com/.well-known/acme-challenge/VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0",
"hostname": "example.com",
"port": "80",
"addressesResolved": [
"1.2.3.4"
],
"addressUsed": "1.2.3.4"
}
],
"validated": "2021-03-30T22:57:10Z"
}
]
}
2021-03-31 09:27:21,110:DEBUG:acme.client:Storing nonce: 0103WsMBODfJ3TnKFAwfjnit9v9GxXOoG_8O0YN1RcHXdFM
2021-03-31 09:27:21,115:DEBUG:acme.client:JWS payload:
b''
2021-03-31 09:27:21,170:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/11965482481:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNzE5ODQyOTkiLCAibm9uY2UiOiAiMDEwM1dzTUJPRGZKM1RuS0ZBd2Zqbml0OXY5R3hYT29HXzhPMFlOMVJjSFhkRk0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzExOTY1NDgyNDgxIn0",
"signature": "bjo7KG7SvzEQj0GFDSTMu8LVfF4ZlmF8Okl6_ujwfwuVhtHRrwaTmdxcXGGUdqvhO8Kk7a4Ywb3qa0ydfz1ugf-Nw6Zp9pKmYmgauh0Sa3iMX4rKOBL2Yibh7MlVzM7TNu0_DiROHe0aTh4zlqNl7hIOxZBxhcANqyfiEGzSlH3B8ptLU_tN2C4W7y0SBmxMY0w7LOWb57Jaf1RPRhYfkLerEcpcK3oGMeqIPmEu8nPCcjeg2NsfO7VMo61-5F8_yxDOhkDrT327l5KM8C9hqboieY5Xljx8kaIV58bNDeH7NEkeHm7U6DH3WenX4F3FlmyTW2ohk0A4D_NXdEnbFw",
"payload": ""
}
2021-03-31 09:27:21,423:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/11965482481 HTTP/1.1" 200 1052
2021-03-31 09:27:21,427:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Tue, 30 Mar 2021 22:57:21 GMT
Content-Type: application/json
Content-Length: 1052
Connection: keep-alive
Boulder-Requester: 71984299
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0104MtSd42Kx81uGruEObH6gB-phzXAzTP2ZbJzod9SnsfY
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "www.example.com"
},
"status": "invalid",
"expires": "2021-04-06T22:53:04Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:connection",
"detail": "Fetching http://www.example.com/.well-known/acme-challenge/k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA: Timeout during connect (likely firewall problem)",
"status": 400
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11965482481/m413SA",
"token": "k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA",
"validationRecord": [
{
"url": "http://www.example.com/.well-known/acme-challenge/k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA",
"hostname": "www.example.com",
"port": "80",
"addressesResolved": [
"1.2.3.4"
],
"addressUsed": "1.2.3.4"
}
],
"validated": "2021-03-30T22:57:10Z"
}
]
}
2021-03-31 09:27:21,429:DEBUG:acme.client:Storing nonce: 0104MtSd42Kx81uGruEObH6gB-phzXAzTP2ZbJzod9SnsfY
2021-03-31 09:27:21,433:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
Domain: www.example.com
Type: connection
Detail: Fetching http://www.example.com/.well-known/acme-challenge/k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA: Timeout during connect (likely firewall problem)
Domain: example.com
Type: connection
Detail: Fetching http://example.com/.well-known/acme-challenge/VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0: Timeout during connect (likely firewall problem)
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2021-03-31 09:27:21,437:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
self._respond(aauthzrs, resp, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 168, in _respond
self._poll_challenges(aauthzrs, chall_update, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 239, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.example.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.example.com/.well-known/acme-challenge/k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA: Timeout during connect (likely firewall problem), example.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://example.com/.well-known/acme-challenge/VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0: Timeout during connect (likely firewall problem)
2021-03-31 09:27:21,438:DEBUG:certbot.error_handler:Calling registered functions
2021-03-31 09:27:21,438:INFO:certbot.auth_handler:Cleaning up challenges
2021-03-31 09:27:21,442:DEBUG:certbot.plugins.standalone:Stopping server at 192.168.1.146:80...
2021-03-31 09:27:21,450:WARNING:certbot.renewal:Attempting to renew cert (example.com) from /etc/letsencrypt/renewal/example.com.conf produced an unexpected error: Failed authorization procedure. www.example.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.example.com/.well-known/acme-challenge/k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA: Timeout during connect (likely firewall problem), example.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://example.com/.well-known/acme-challenge/VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0: Timeout during connect (likely firewall problem). Skipping.
2021-03-31 09:27:21,460:DEBUG:certbot.renewal:Traceback was:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 465, in handle_renewal_request
main.renew_cert(lineage_config, plugins, renewal_candidate)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1193, in renew_cert
renewed_lineage = _get_and_save_cert(le_client, config, lineage=lineage)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 116, in _get_and_save_cert
renewal.renew_cert(config, domains, le_client, lineage)
File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 323, in renew_cert
new_cert, new_chain, new_key, _ = le_client.obtain_certificate(domains, new_key)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 353, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python3/dist-packages/certbot/client.py", line 389, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations
self._respond(aauthzrs, resp, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 168, in _respond
self._poll_challenges(aauthzrs, chall_update, best_effort)
File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 239, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
certbot.errors.FailedChallenges: Failed authorization procedure. www.example.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.example.com/.well-known/acme-challenge/k_l52kvvfScXPbiy2MFe6Cc2kz3qxOupLu107Rv3QPA: Timeout during connect (likely firewall problem), example.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://example.com/.well-known/acme-challenge/VNxl0JwLjTBQZc_WfBOvJnCzpIcGXeTERirFoHiDls0: Timeout during connect (likely firewall problem)
2021-03-31 09:27:21,471:ERROR:certbot.renewal:All renewal attempts failed. The following certs could not be renewed:
2021-03-31 09:27:21,474:ERROR:certbot.renewal: /etc/letsencrypt/live/example.com/fullchain.pem (failure)
2021-03-31 09:27:21,475:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 11, in <module>
load_entry_point('certbot==0.31.0', 'console_scripts', 'certbot')()
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1365, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/main.py", line 1272, in renew
renewal.handle_renewal_request(config)
File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 490, in handle_renewal_request
len(renew_failures), len(parse_failures)))
certbot.errors.Error: 1 renew failure(s), 0 parse failure(s)
For the standalone tests, I made sure to stop the apache server first via sudo systemctl stop apache2
.
Note that renewing my certificate using the default (apache authenticator and apache installer) used to work just fine for years and I haven't changed anything about my setup.
I checked that there's no (local) firewall:
ufw status
Status: inactive
I checked that my website is reachable from outside the local LAN
- using my mobile phone with WiFi off and also
- via check-your-website.server-daten.de ...see here:
Some of the anonymised output of check-your-website.server-daten.de
### 1. IP-Addresses
|Host|Type|IP-Address|is auth.|∑ Queries|∑ Timeout|
| --- | --- | --- | --- | --- | --- |
|example.com|A|1.2.3.4 Sydney/New South Wales/Australia (AU) - Harbour ISP Pty LTD No Hostname found|yes|1|0|
||AAAA||yes|||
|www.example.com|A|1.2.3.4 Sydney/New South Wales/Australia (AU) - Harbour ISP Pty LTD No Hostname found|yes|1|0|
||AAAA||yes|||
|*.example.com|A|Name Error|yes|||
||AAAA|Name Error|yes|||
||CNAME|Name Error|yes|||
3. Name Servers
Domain Nameserver NS-IP
www.example.com
• ns1.world4you.at / reg-amx1_customer2
•
example.com
• ns1.world4you.at / reg-amx1_customer2
192.174.68.6
Salzburg/Austria (AT) - NICat-anycast •
•
2001:67c:1bc::6
Salzburg/Austria (AT) - IPCom-NET Anycast •
• ns2.world4you.at / reg-ams1_customer2
176.97.158.6
Vienna/Austria (AT) - NICat-anycast •
•
2001:67c:10b8::6
Zurich/Switzerland (CH) - IPCOM-anycast •
net
• a.gtld-servers.net / nnn1-was1
•
• b.gtld-servers.net / nnn1-eltxl2
•
• c.gtld-servers.net / nnn1-was1
•
• d.gtld-servers.net / nnn1-was1
•
• e.gtld-servers.net / nnn1-was1
•
• f.gtld-servers.net / nnn1-ams6
•
• g.gtld-servers.net / nnn1-ams6
•
• h.gtld-servers.net / nnn1-ams6
•
• i.gtld-servers.net / nnn1-ams6
•
• j.gtld-servers.net / nnn1-lon5
•
• k.gtld-servers.net / nnn1-lon5
•
• l.gtld-servers.net / nnn1-lon5
•
• m.gtld-servers.net / nnn1-lon5
•
6. Url-Checks
show header:
Domainname Http-Status redirect Sec. G
• http://example.com/
1.2.3.4
301
https://example.com/
Html is minified: 100.00 % 0.637
A
• http://www.example.com/
1.2.3.4
301
https://www.example.com/
Html is minified: 100.00 % 0.634
A
• https://example.com/
1.2.3.4 GZip used - 182 / 259 - 29.73 %
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0 200
Html is minified: 109.28 % 7.267
B
small visible content (num chars: 43)
Home of example.com Nothing to see here.
• https://www.example.com/
1.2.3.4 GZip used - 182 / 259 - 29.73 %
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0 200
Html is minified: 109.28 % 6.997
B
small visible content (num chars: 43)
Home of example.com Nothing to see here.
• http://example.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
1.2.3.4
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0 301
https://example.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Html is minified: 100.00 % 0.640
A
Visible Content: Moved Permanently The document has moved here .
• http://www.example.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
1.2.3.4
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0 301
https://www.example.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Html is minified: 100.00 % 0.636
A
Visible Content: Moved Permanently The document has moved here .
• https://example.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0 404
Html is minified: 100.00 % 5.593
A
Not Found
Visible Content: Not Found The requested URL was not found on this server.
• https://www.example.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0 404
Html is minified: 100.00 % 5.543
A
Not Found
Visible Content: Not Found The requested URL was not found on this server.
• https://1.2.3.4/
1.2.3.4 GZip used - 182 / 259 - 29.73 %
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0 200
Html is minified: 109.28 % 7.000
N
Certificate error: RemoteCertificateNameMismatch
small visible content (num chars: 43)
Home of example.com Nothing to see here.