Timeout during connect (likely firewall problem)

I do not understand the world anymore...
Can someone help me? I just can't get any further.
What information do you need?

Thanks!!!

Which names would you like to activate HTTPS for?


1: …………...dns-jack.net


Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Requesting a certificate for meinhost.dns-jack.net

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: meinhost.dns-jack.net
Type: connection
Detail: 78.43.40.5: Fetching http://.............dns-jack.net/.well-known/acme-challenge/5EQMpwBk9wPNAoIXMO1bOBL3CLST0aJieO7oniOfQDs: Timeout during connect (likely firewall problem)

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

Welcome to the community @166166cc161f1f11161f

The Let's Encrypt server is not able to contact your server to verify the request.

I do not see port 80 (or 443) open to your server. Do you have a router that connects to your ISP? If so, make sure ports are open and forwarded as needed to your server.

Check any firewall you have to be sure these ports are open. Port 80 needs to be open for the HTTP challenge to work. Port 443 is the normal port for HTTPS requests once you get your cert and have it configured.

Maybe check to be sure you don't block IP addresses from certain parts of the world (often called GEO block).

Nmap scan report for meinhost.dns-jack.net (78.43.40.5)
rDNS record for 78.43.40.5: ip-078-043-040-005.um18.pools.vodafone-ip.de
PORT    STATE    SERVICE
80/tcp  filtered http
443/tcp filtered https

Note: I checked your IPv4 address even though you also have an IPv6 address in your DNS. The IPv6 fails in such a way that certbot then tries IPv4 (so that's what I checked). You might have something wrong with IPv6 too.

3 Likes
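The port check from the reply above can be repeated for both the IPv4 and the IPv6 address of a host. The following is an added example, not part of the original thread: the function names `probe` and `check_host` are made up for illustration, and the script has to run from a connection outside the home network (a result measured inside the LAN says nothing about what the Let's Encrypt server sees).

```python
import socket
import sys


def probe(addr, port, family, timeout=3.0):
    """Classify one TCP connect attempt using nmap's open/closed/filtered terms."""
    try:
        with socket.socket(family, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            s.connect((addr, port))
        return "open"          # handshake completed: something is listening
    except socket.timeout:
        return "filtered"      # no answer at all: packets dropped on the way
    except ConnectionRefusedError:
        return "closed"        # RST received: host reachable, nothing listening
    except OSError:
        return "unreachable"   # no route, or no IPv4/IPv6 connectivity here


def check_host(host, ports=(80, 443), timeout=3.0):
    """Probe every A and AAAA address of host on the given ports."""
    results = {}
    for family, label in ((socket.AF_INET, "IPv4"), (socket.AF_INET6, "IPv6")):
        try:
            infos = socket.getaddrinfo(host, None, family, socket.SOCK_STREAM)
        except socket.gaierror:
            continue  # no record of this address family
        for addr in sorted({info[4][0] for info in infos}):
            for port in ports:
                results[(label, addr, port)] = probe(addr, port, family, timeout)
    return results


if __name__ == "__main__":
    # Hostname comes from the command line; "localhost" is only a stand-in default.
    host = sys.argv[1] if len(sys.argv) > 1 else "localhost"
    for (label, addr, port), state in check_host(host).items():
        print(f"{label} {addr} port {port}: {state}")
```

A "filtered" result on port 80 corresponds to the "Timeout during connect" error from the CA, while "closed" means the packets arrive but no web server is listening on that address.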

First of all, thanks for the quick reply!
I have to say, I'm quite new to this topic and not a computer person.
I installed an Ubuntu server, set up Nextcloud and followed the instructions. I think Nextcloud works, but I can't get an SSH certificate.
I have a Fritz box as a router, and ports 80 and 443 are open there.

nano /etc/apache2/sites-available/nextcloud.conf
<VirtualHost *:80>
ServerAdmin batbat@t-online
DocumentRoot /var/www/nextcloud/
ServerName meinhost.dns-jack.net
ServerAlias

 <Directory /var/www/nextcloud/>
    Options +FollowSymlinks
    AllowOverride All
    Require all granted
      <IfModule mod_dav.c>
        Dav off
      </IfModule>
    SetEnv HOME /var/www/nextcloud
    SetEnv HTTP_HOME /var/www/nextcloud
 </Directory>

 ErrorLog ${APACHE_LOG_DIR}/error.log
 CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

I am sure that I am still missing further settings, but how and where???
It would be nice if you could help me.

Does your ISP allow inbound requests to you on ports 80 and 443?

Some ISPs block residential accounts from these ports.

You must have a working HTTP site to get a cert using the HTTP challenge. There's not much I can do other than offer general advice about getting your site visible to the public internet.

You can use the Let's Debug test site to help work through initial setup problems. Once you get a successful test you should be able to get a cert.

2 Likes

Thanks!!
I'm open to any advice.
I will try.

1 Like

Other than checking with your ISP, you might want to try a Nextcloud forum. They might have good advice on getting your initial setup working.

2 Likes
