It's been half a day I'm spending on this issue, I'm a Linux admin since 20 years and for me there is something wrong with Let's Encrypt servers not all reaching my customer web server for a reason I don't know...
My customer domain is: lista-porno.eu
Let's Encrypt module with PLESK
It produced this output:
ERR [extension/letsencrypt] Domain validation failed for lista-porno.eu: Invalid response from https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/116834587.
Details:
Type: urn:ietf:params:acme:error:connection
Status: 400
Detail: Fetching http://lista-porno.eu/.well-known/acme-challenge/BFk924N1I6KjgD2e7O2Sq6V02VB0G9CfjjFaaR9phtM Timeout during connect (likely firewall problem)
My web server is (include version): Apache + Nginx
The operating system my web server runs on is (include version): Centos 7
My hosting provider, if applicable, is: OVH
I can login to a root shell on my machine (yes or no, or I don't know): YES
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): PLESK
Some more details :
- Firewall is open to port 80 + 443 (you can check yourself going to http/https with the ACME key).
- There is only 1 "A" record for this domain and "www" subdomain, there are no "AAAA" records.
There are 3 requests (successful status 200) coming from lets encrypt validation servers to the my web server (access log below) :
|2020-09-22 12:55:39|Access|52.58.118.98|200|GET /.well-known/acme-challenge/BFk924N1I6KjgD2e7O2Sq6V02VB0G9CfjjFaaR9phtM HTTP/1.1||Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)|87|nginx access|
|2020-09-22 12:55:39|Access|34.211.60.134|200|GET /.well-known/acme-challenge/BFk924N1I6KjgD2e7O2Sq6V02VB0G9CfjjFaaR9phtM HTTP/1.1||Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)|87|nginx access|
|2020-09-22 12:55:40|Access|18.224.20.83|200|GET /.well-known/acme-challenge/BFk924N1I6KjgD2e7O2Sq6V02VB0G9CfjjFaaR9phtM HTTP/1.1||Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)|87|nginx access|