Hello!
I have a webserver with about 50 different domains and a single certificate for each domain. Everything worked fine for at least half a year, but last week one certificate didn’t renew. certbot always shows me a timeout, but I didn’t change any configuration.
I already tried to delete the certificate and requested a new one, but I get the same error.
It’s about gjspunk.de. See all details below. Another domain on the host which works is e.g. gruene-jugend.de.
Here is the relevant part of my nginx config:
server {
listen 80;
listen [::]:80;
server_name gruene-jugend.de gjspunk.de; #all my domains are listed here
root /var/www/html;
location / {
try_files $uri @httpsrewrite;
}
location @httpsrewrite {
return 301 https://$host$request_uri;
}
}
A test file is placed in /var/www/html/.well-known/test, which is accessible at http://gjspunk.de/.well-known/test:
$ curl http://gjspunk.de/.well-known/test
ok
My domain is: gjspunk.de
I ran this command: certbot certonly --webroot -w /var/www/html -d "gjspunk.de" --register-unsafely-without-email --non-interactive --agree-tos
It produced this output: Failed authorization procedure. gjspunk.de (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://gjspunk.de/.well-known/acme-challenge/WPuHV_swYkw47TogYTDjG3HpyMr5hEIQu1UunSLjh28: Timeout
My web server is (include version): nginx/1.13.1
The operating system my web server runs on is (include version): Debian 8.8
My hosting provider, if applicable, is: OVH
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
Any idea what the problem is? I already checked the access_log and the firewall-log, but no one has any entries relating to cerbot/letsencrypt…
Thanks a lot!