Too many invalid authorizations recently

My domain is prueba.tboxplanet.com
I ran this command:
./letsencrypt-auto
It produced this output:
An unexpected error occurred:
There were too many requests of a given type :: Error creating new authz :: Too many invalid authorizations recently.
My web server is Apache 2.2 on CentOS 6.9
My hosting provider, if applicable, is: DigitalOcean
I can login to a root shell on my machine (yes)

Hi @dicn1978,

This means that you tried too many times unsuccessfully to prove control of a domain name. There would have been a different underlying error which would have been displayed to you during the failed attempts.

You can test with --staging if you’re not sure why something is failing; that doesn’t count against this limit (but issues test certificates instead of publicly-trusted ones).

This limit will clear after one hour.

Thank you for your response.
Now the problem is:
Cleaning up challenges
Failed authorization procedure. prueba.tboxplanet.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Connection refused

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: prueba.tboxplanet.com
    Type: connection
    Detail: Connection refused

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address. Additionally, please check that
    your computer has a publicly routable IP address and that no
    firewalls are preventing the server from communicating with the
    client. If you’re using the webroot plugin, you should also verify
    that you are serving files from the webroot path you provided.

But when checking on whatsmydns.com, the domain resolves without problems to the IP of the server.
Any ideas?

Do you have a firewall preventing inbound connections on port 443?

You should check firewalls on the server itself (like ufw) and also firewalls at the hosting/VPS provider like AWS or DigitalOcean (if it’s hosted in a colocation facility) or local router level (if it’s on a broadband connection).


I am with DigitalOcean; they provide firewalls for the droplets, but it is not configured. I just have the following iptables rules:
[root@centos-1gb-V6-nyc1-01 letsencrypt]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Can you also check in the DigitalOcean web interface that there is no network-level firewall? Some hosting services forbid inbound connections to ports by default unless you specifically request that those ports be enabled.

I configured the firewall with http and https open but the problem persists

Can you run echo "It worked" | nc -l -p 443 on your server and nc prueba.tboxplanet.com 443 on another Unix machine somewhere else? This is a good test to be sure that port 443 is really open.

The result is:

[root@tboxplanet ~]# echo "It worked" | nc -l -p 443
Ncat: bind to :::443: Address already in use. QUITTING.

[root@tboxplanet ~]# nc prueba.tboxplanet.com 443
Ncat: Connection refused.

You’ll need to stop any webserver listening on 443 before running that first nc command.

This is the result in telnet:

[root@edge ~]# telnet 159.203.187.73 443
Trying 159.203.187.73...
Connected to 159.203.187.73.
Escape character is '^]'.

display
HTTP/1.1 400 Bad Request
Date: Tue, 25 Jul 2017 17:00:59 GMT
Server: Apache/2.2.15 (CentOS)
Content-Length: 301
Connection: close
Content-Type: text/html; charset=iso-8859-1

400 Bad Request

Bad Request

Your browser sent a request that this server could not understand.


Apache/2.2.15 (CentOS) Server at localhost Port 80
Connection closed by foreign host.

This is different from what I was seeing before. I previously saw the web server refusing connections. Now it is speaking HTTP (not HTTPS) on port 443, which is also a problem, but seemingly not the same problem as before. Did you change something about your web server configuration?
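
Added example, not part of the original thread: a Python probe that tells apart the three states seen in this discussion on port 443 (connection refused, a server answering in plain HTTP, a server answering in TLS). The function names and the HTML-prefix heuristic are assumptions of this example.

```python
import socket
import ssl


def client_hello(server_name):
    """Build real ClientHello bytes with the ssl module, without touching the network."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False      # diagnosis only: this session is never trusted
    ctx.verify_mode = ssl.CERT_NONE
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=server_name)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass                        # expected: the hello is now queued in `outgoing`
    return outgoing.read()


def probe_port(host, port=443, timeout=5.0):
    """Return 'refused', 'timeout', 'plain-http', 'tls' or 'unknown' for host:port."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused"            # nothing listening, or a firewall replying with RST
    except socket.timeout:
        return "timeout"            # packets silently dropped by a filter
    with sock:
        sock.sendall(client_hello(host))
        try:
            reply = sock.recv(16)
        except (socket.timeout, ConnectionResetError):
            return "unknown"
    # Heuristic (assumption): an HTTP server answers a ClientHello with a status
    # line or a bare HTML error page.
    if reply.lstrip().lower().startswith((b"http/", b"<!doctype", b"<html")):
        return "plain-http"         # the "Server only speaks HTTP, not TLS" case
    if reply[:1] in (b"\x16", b"\x15"):
        return "tls"                # TLS handshake (0x16) or alert (0x15) record
    return "unknown"


if __name__ == "__main__":
    import sys
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 443
    print(probe_port(sys.argv[1], port))
```

Run it from a machine outside the server's network, so that host and provider firewalls are on the path being tested.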

Hello, I added this directive to Apache:
Listen 443
And now the error reported is as follows:

Performing the following challenges:
tls-sni-01 challenge for test.tboxplanet.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. test.tboxplanet.com (tls-sni-01): urn:acme:error:malformed :: The request message was malformed :: Server only speaks HTTP, not TLS

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: test.tboxplanet.com
    Type: malformed
    Detail: Server only speaks HTTP, not TLS

    To fix these errors, please make sure you did not provide any
    invalid information to the client, and try running Certbot again.

This isn't useful to do before you have a certificate. It produces the "Server only speaks HTTP, not TLS" error. Certbot should do this for you.

Can I use
certbot-auto
or
letsencrypt-auto?

They’re the same program. The modern name is certbot-auto.

When I do not add 443 to the Apache file, the port does not open. I have the port open in iptables. Do you have a guide or tutorial for the configuration that I have to do in Apache? Maybe I’m missing some parameter, since the connection denied problem persists.

If using the --apache flag on your certbot-auto command, it should configure the listen 443 (and related directives) for you.

The problem is the same

1: prueba.tboxplanet.com
2: www.prueba.tboxplanet.com

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for prueba.tboxplanet.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. prueba.tboxplanet.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Connection refused

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: prueba.tboxplanet.com
    Type: connection
    Detail: Connection refused

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address. Additionally, please check that
    your computer has a publicly routable IP address and that no
    firewalls are preventing the server from communicating with the
    client. If you’re using the webroot plugin, you should also verify
    that you are serving files from the webroot path you provided.