Sorry if this is an obvious issues, but I have searched for answers before posting. I’m having the same problems on several domains, but here is an example one.
My domain is: students.grlucas.net
I ran this command: sudo letsencrypt --apache
It produced this output:
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for students.grlucas.net
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. students.grlucas.net (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://students.grlucas.net/.well-known/acme-challenge/uS2_aimZxvFsAiS0PSu2sr1fEMP1WiQHgSmy1a0Cp9E: Timeout during connect (likely firewall problem)
My web server is (include version): Apache/2.4.38 (Raspbian)
The operating system my web server runs on is (include version): Raspbian
My hosting provider, if applicable, is: self-hosted
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): certbot 0.31.0
I recently set up a reverse proxy with the following configuration:
<VirtualHost *:80>
ServerName students.grlucas.net
ProxyPreserveHost On
DocumentRoot /var/www/html
ProxyPass /.well-known !
ProxyPass / http://10.0.1.21:80/
ProxyPassReverse / http://10.0.1.21:80/
</VirtualHost>
I notice there are no files written in ./well-known/acme-challenge. — should there be? I created the directories and gave the web server write permissions. I’m just not sure what else to try. TIA.