Timeout on authorization challenge

Help
1

I have gone through the Q/A on this forum and elsewhere but cannot figure out the problem

I am trying to use letsEncrypt/certbot on Ubuntu 16.04 7 Nginx

I have created an A record for my alias and IP address

I have manually created directories:

/var/www/letsencrypt/.well-known/acme-challenge/
 /var/www/mydomain/.well-known/acme-challenge/

And a test text file /var/www/letsencrypt/.well-known/acme-challenge/test

My nginx config file looks like this:

root@Staging-Linux-1:~# more /etc/nginx/sites-available/mydomain.conf
server {
        listen 80 default_server;
        listen [::]:80 default_server ipv6only=on;
        server_name linuxstaging1.tplmaps.com;

        include /etc/nginx/snippets/letsencrypt.conf;

        root /var/www/mydomain;
        index index.html;
        location / {
                try_files $uri $uri/ =404;
        }
}

Screenshot of the DNS entry + evidence I can reach the server too

es3
es3.png906×381 45 KB

I am logged in as root user (sudo -i)

I tried using the simpler guidelines on digitialocean but eventually tried the following: https://gist.github.com/cecilemuller/a26737699a7e70a7093d4dc115915de8

But I still get an error:

root@Staging-Linux-1:~# certbot certonly --webroot --agree-tos --no-eff-email --email samiullah@tplmaps.com -w /var/www/letsencrypt -d linuxstaging1.tplmaps.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for linuxstaging1.tplmaps.com
Using the webroot path /var/www/letsencrypt for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Unable to clean up challenge directory /var/www/letsencrypt/.well-known/acme-challenge
Failed authorization procedure. linuxstaging1.tplmaps.com (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://linuxstaging1.tplmaps.com/.well-known/acme-challenge/7M3rV2c5t3bEgfnkQg_dsxjfK0ahSnAOKDQxaRfz8_4: Timeout

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: linuxstaging1.tplmaps.com
   Type:   connection
   Detail: Fetching
   http://linuxstaging1.tplmaps.com/.well-known/acme-challenge/7M3rV2c5t3bEgfnkQg_dsxjfK0ahSnAOKDQxaRfz8_4:
   Timeout

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.
2

Please dont redact your domain. We need it to determine the cause of the timeout.

3

OK sure, let me put it back in

4

redaction removed - thanks

5

The host is not responding to requests from the internet.

If you have some kind of firewall filtering access to 80/tcp, you need to disable it if you wish to use the HTTP validation method.

6

Oh I get it… doh moment - thanks

If anyone else is interested… before running the cerbot, run the following from your commandline and see it works:

curl http://.well-known/acme-challenge/test

7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.