Timeout during connect (likely firewall problem)

It seems you have not done that yet:

Name:    k142.unaux.com
Address:  185.27.134.216

Doesn't match your current Internet IP:
image

O.M.G.
But because I got this automatic in profreehost.com, now i dont know how to do changed this from 185.27.134.216 to 14.255.76.114
:frowning: cry for me

1 Like

Wasn't this panel controlling that IP?:
image

No, that was the previous domain from a different provider.

1 Like

Hi rg305, i tried create subdomain k142.mooo.com with IP: 14.255.76.144:image
But its still fail:
image

I wish you were be there to help me directly :frowning:

For the apache plugin, which uses the http-01 challenge to verify ownership of the hostname, port 80 should be open for connections from the world wide web. Currently, Let's Encrypt can't connect to your IP address on port 80, nor can I.

Does your internet service provider allow incoming TCP connections on port 80?

Also, just wondering, you're down to your third new domain name already. What's the actual reason you require a Let's Encrypt certificate to begin with?

2 Likes

Hi, my homework is Create a safe web server on Raspberry Pi, using Let's Encrypt.
i dont know how to check this (internet service provider allow incoming TCP connections on port 80). which domain should i use? Any domain is faulty

Ah, so it's a task :slight_smile: Is your Raspberry Pi possibly behind a router on your home network? If so, did you open port 80 and port 443 in your router? It can be called "port map" too.

You can use your IP address for that on online websites such as Open Port Check Tool - Test Port Forwarding on Your Router

Does your ISP provide information on how to port forward?
If not, you could always try getting a cert manually via DNS authentication.
More difficult and harder to automate...
But if this just a one-time assignment, that might do the trick.

OR

Depending on your exact assignment restrictions... and end goal.
I could generate a new cert for an unused name and send you the cert files to use.
[not a very secure process... but I'm just trying to get you to the finish line]
That said, if the grade will include being able to hit that site securely over the Internet, you will need to get the port forwarding thing figured out.

1 Like

i use ubuntu instead because i don't have raspberry pi :<
Btw, with k142.unaux.com, here it is: image
but with k142.mooo.com, it is:image
im crying

You need a functional HTTP site first.
That requires getting the Internet to reach your RPi on port 80.
That requires modification to your ISP router.

im trying to enable this port in my router, and try one more time because it's 3AM in my location :< I will be back with good news.
Thank @Osiris and @rg305 so much

1 Like

That's an early night for us here!

Well, that could be a problem with those free DNS providers, but I'm not an expert on those.

It's no use to test IP addresses which are not applicable.

1 Like

No, there are free ones that work well with DNS auth.

1 Like

Could you share the free DNS providers you know of which have good DNS authentication capabilities?

2 Likes

Posh-ACME/docs/Plugins at main · rmbolger/Posh-ACME · GitHub
I see a few on that list.

2 Likes

Hi @rg305 and @Osiris , hope everyone has a good day.
I decided to try to open port 80 on my router, by logging in IP 14.255.76.144 and modify it, but it took a while for the technician to re-issue my password and account.
Next thing I would do is: create a new domain with IP address 14.255.76.144 on freedns.affaid.org, reinstall Apache and Certbot.
Is this route correct?

1 Like

It's OK, but I think I dont know how to do, this link can help me? How to use Let's Encrypt DNS-01 challenge validation? - Server Fault

Thank you but I am forced to complete this exercise by myself, although I really want this help, I can't :<

1 Like