Hi,
I was able to create the SSL certificat in manual mode three months ago.
I moved the server to another location keeping the domain name but with different IP address without any problem.
After three month, I tried to renew the certificat without success.
So, I revoked and deleted the certificate that I manually created using certbot manual option.
Now, I tried to create the certificat directly from the NAS hosting the server web but all my attempts with webroot and standelone plugins have failed with the same message: Timeout.
My current understanding of the issue is that Let’s Encrypt tries to connect my server for the challenge but it is not able to get the challenge file. I think Let’s Encrypt uses the IPv6 IP address of the box without trying the IPv4.
But the web server is not reachable from the IPv6 address. Let’s Encrypt should use the IPv4 address.
Did I something wrong or there is a problem with Let’s Encrypt?
Thank you in advance for your help.
Best Regards.
My domain is: zebulon.freeboxos.fr
With the standelone plugin, I ran this command:
/etc/init.d/nginx stop && certbot certonly --standalone --preferred-challenges http --rsa-key-size 4096 -w /var/www -d zebulon.freeboxos.fr
With the webroot plugin, I ran this command:
certbot certonly --webroot --rsa-key-size 4096 -w /var/www -d zebulon.freeboxos.fr
It produced this output:
Failed authorization procedure. zebulon.freeboxos.fr (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://zebulon.freeboxos.fr/.well-known/acme-challenge/DehoMuQzHy4sw-7Ln4IU3NxZ5-LPa-wFC6fdRWv7XF0: Timeout
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: zebulon.freeboxos.fr
Type: connection
Detail: Fetching
http://zebulon.freeboxos.fr/.well-known/acme-challenge/DehoMuQzHy4sw-7Ln4IU3NxZ5-LPa-wFC6fdRWv7XF0:
Timeout
From the log
"challenges": [
{
“type”: “http-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:acme:error:connection”,
“detail”: “Fetching http://zebulon.freeboxos.fr/.well-known/acme-challenge/DehoMuQzHy4sw-7Ln4IU3NxZ5-LPa-wFC6fdRWv7XF0: Timeout”,
“status”: 400
},
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/GSYUR4u-vK-g_Wg_YfeKxj2ZnXi3Gd72_VICQn8KDCU/1545277360”,
“token”: “DehoMuQzHy4sw-7Ln4IU3NxZ5-LPa-wFC6fdRWv7XF0”,
“keyAuthorization”: “DehoMuQzHy4sw-7Ln4IU3NxZ5-LPa-wFC6fdRWv7XF0.rUMxsjRcBj_YtGCCb5TnTl7TXO0XTpeMUKrE36HRkHc”,
“validationRecord”: [
{
“url”: “http://zebulon.freeboxos.fr/.well-known/acme-challenge/DehoMuQzHy4sw-7Ln4IU3NxZ5-LPa-wFC6fdRWv7XF0”,
“hostname”: “zebulon.freeboxos.fr”,
“port”: “80”,
“addressesResolved”: [
“88.171.241.65”,
“2a01:e35:8abf:1410::1”
],
“addressUsed”: “2a01:e35:8abf:1410::1”,
“addressesTried”: []
}
]
},
My web server is (include version): Nginx 1.10.3
The operating system my web server runs on is (include version): Debian 8 Jessie
My hosting provider, if applicable, is: Free with Freebox v6
I think my problem come form here. But the first time I was also behind a Freebox v6 working in IPv6 and IPv4.
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No