Timeout error on certbot (Nextcloud / Apache2 on Ubuntu)

First time trying to get Nextcloud to work, its all up and working but I need to get the SSL certificate up for google to trust it.

The domain is via asus, which dont give you ability to edit DNS records. (https://squiznet.asuscomm.com)
This is a Ubuntu 18.04.3 LTS - Its the nextcloud manual installation method, with Apache2 for the web server

This is the error I keep getting. Keep in mind port 80 and 443 are being forwarded to the correct IP
*> sudo certbot *
> Saving debug log to /var/log/letsencrypt/letsencrypt.log
> Plugins selected: Authenticator apache, Installer apache
*> *
> Which names would you like to activate HTTPS for?
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> 1: squiznet.asuscomm.com
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> Select the appropriate numbers separated by commas and/or spaces, or leave input
*> blank to select all options shown (Enter ‘c’ to cancel): *
> Obtaining a new certificate
> Performing the following challenges:
> http-01 challenge for squiznet.asuscomm.com
> Waiting for verification…
> Cleaning up challenges
> Failed authorization procedure. squiznet.asuscomm.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://squiznet.asuscomm.com/.well-known/acme-challenge/i79eW7A0_gXCPD0ATyZKl9s_IAWKMUfYckAIbzwM8Ro: Timeout during connect (likely firewall problem)
*> *
> IMPORTANT NOTES:
> - The following errors were reported by the server:
*> *
> Domain: squiznet.asuscomm.com
> Type: connection
> Detail: Fetching
> http://squiznet.asuscomm.com/.well-known/acme-challenge/i79eW7A0_gXCPD0ATyZKl9s_IAWKMUfYckAIbzwM8Ro:
> Timeout during connect (likely firewall problem)
*> *
> To fix these errors, please make sure that your domain name was
> entered correctly and the DNS A/AAAA record(s) for that domain
> contain(s) the right IP address. Additionally, please check that
> your computer has a publicly routable IP address and that no
> firewalls are preventing the server from communicating with the
> client. If you’re using the webroot plugin, you should also verify
> that you are serving files from the webroot path you provided.

Anyone have any suggestions where I am going wrong? Could it be permissions?

1 Like

Hi @digiben

there are checks of your domain, 20 minutes old and yesterday - https://check-your-website.server-daten.de/?q=squiznet.asuscomm.com

Only Timeouts:

Domainname Http-Status redirect Sec. G
http://squiznet.asuscomm.com/ 2.25.158.124 -14 10.046 T
Timeout - The operation has timed out
https://squiznet.asuscomm.com/ 2.25.158.124 -14 10.047 T
Timeout - The operation has timed out
http://squiznet.asuscomm.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2.25.158.124 -14 10.043 T
Timeout - The operation has timed out

Your port 80 must answer.

But why do you need a new certificate. There is one, created 2019-12-30 13:36:31.

Issuer not before not after Domain names LE-Duplicate next LE
Let’s Encrypt Authority X3 2019-12-30 2020-03-29 squiznet.asuscomm.com - 1 entries

Works http internal?

curl http://squiznet.asuscomm.com/

from that machine?

1 Like

That one was when I used the snap installation of nextcloud, but I had to dump that install when it wouldnt allow me to look outside its container. So this is a new install, and I dont have that certificate (wish I had made a copy!)

No that curl failed no you mention it. Does it matter that I have apache set to redirect port 80 to 443?

That’s not a problem if your configuration is correct.

But port 80 must answer. No answer -> no http validation.

Read

then

1 Like

Cheers for that, just need to figure out why the port is blocked.

Nextcloud doesnt want to respond on http 80, i cant see any reason why in the conf files at all. even when i turn off the https redirect, its still not going past the apache error screen

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.