Ubuntu + apache2 + letsencrypt: error creating certificate

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
tortuga.etpi.com.br

I ran this command:
certbot --preconfigured-renewal and certbot --apache

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
An unexpected error occurred:
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7fb3500de940>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution'))
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version):
apache2

The operating system my web server runs on is (include version):
ubuntu 22.04 lts

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
not

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 2.9.0

/var/log/apache2
log error.log:
[Fri Mar 01 10:38:26.065963 2024] [ssl:warn] [pid 11011:tid 140569387673472] AH01906: tortuga.etpi.com.br:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

/etc/apache2/sites-available
000-default.conf
default-ssl.conf
localhost.conf
server.conf
tortuga.etpi.com.br.conf

sites-available config:
<VirtualHost *:80>
ServerName tortuga.etpi.com.br
ServerAlias tortuga.etpi.com.br
KeepAlive Off
Redirect / https://tortuga.etpi.com.br/

<VirtualHost *:443>
ServerName tortuga.etpi.com.br
ServerAlias tortuga.etpi.com.br
KeepAlive Off

root@tortuga:/etc/apache2/sites-available# cat 000-default.conf
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html
    ServerName tortuga.etpi.com.br
    Redirect permanent / https://tortuga.etpi.com.br/

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    <Directory /var/www/html/>
            AllowOverride ALL
            Require all granted
    </Directory>

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf

vim: syntax=apache ts=4 sw=4 sts=4 sr noet

root@tortuga:/etc/apache2/sites-available# cat localhost.conf
<VirtualHost *:80>
ServerName localhost
ServerAlias localhost
ErrorLog /etc/apache2/logs/localhost_error_log
TransferLog /etc/apache2/logs/localhost_access_log
LogLevel warn
KeepAlive On
MaxKeepAliveRequests 75
KeepAliveTimeout 5
<Location "/server-status">
SetHandler server-status

ERROR LOG LETS:

urllib3.exceptions.NewConnectionError: <urllib3.connection.HTTPSConnection object at 0x7fb3500de940>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/snap/certbot/3643/lib/python3.8/site-packages/requests/adapters.py", line 486, in send
resp = conn.urlopen(
File "/snap/certbot/3643/lib/python3.8/site-packages/urllib3/connectionpool.py", line 799, in urlopen
retries = retries.increment(
File "/snap/certbot/3643/lib/python3.8/site-packages/urllib3/util/retry.py", line 592, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7fb3500de940>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution'))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/snap/certbot/3643/bin/certbot", line 8, in
sys.exit(main())
File "/snap/certbot/3643/lib/python3.8/site-packages/certbot/main.py", line 19, in main
return internal_main.main(cli_args)
File "/snap/certbot/3643/lib/python3.8/site-packages/certbot/_internal/main.py", line 1894, in main
return config.func(config, plugins)
File "/snap/certbot/3643/lib/python3.8/site-packages/certbot/_internal/main.py", line 1443, in run
le_client = _init_le_client(config, authenticator, installer)
File "/snap/certbot/3643/lib/python3.8/site-packages/certbot/_internal/main.py", line 838, in _init_le_client
return client.Client(config, acc, authenticator, installer, acme=acme)
File "/snap/certbot/3643/lib/python3.8/site-packages/certbot/_internal/client.py", line 297, in init
acme = acme_from_config_key(config, self.account.key, self.account.regr)
File "/snap/certbot/3643/lib/python3.8/site-packages/certbot/_internal/client.py", line 72, in acme_from_config_key
directory = acme_client.ClientV2.get_directory(config.server, net)
File "/snap/certbot/3643/lib/python3.8/site-packages/acme/client.py", line 330, in get_directory
return messages.Directory.from_json(net.get(url).json())
File "/snap/certbot/3643/lib/python3.8/site-packages/acme/client.py", line 705, in get
self._send_request('GET', url, **kwargs), content_type=content_type)
File "/snap/certbot/3643/lib/python3.8/site-packages/acme/client.py", line 647, in _send_request
response = self.session.request(method, url, *args, **kwargs)
File "/snap/certbot/3643/lib/python3.8/site-packages/requests/sessions.py", line 589, in request
resp = self.send(prep, **send_kwargs)
File "/snap/certbot/3643/lib/python3.8/site-packages/requests/sessions.py", line 703, in send
r = adapter.send(request, **kwargs)
File "/snap/certbot/3643/lib/python3.8/site-packages/requests/adapters.py", line 519, in send
raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7fb3500de940>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution'))
2024-03-01 11:01:19,988:ERROR:certbot._internal.log:An unexpected error occurred:
2024-03-01 11:01:19,988:ERROR:certbot._internal.log:requests.exceptions.ConnectionError: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7fb3500de940>: Failed to establish a new connection: [Errno -3] Temporary failure in name resolution'))
root@tortuga:/var/log/letsencrypt#

I AM SETTING UP THE CERTIFICATE FOR MY WEBSITE, HOWEVER THESE ERRORS OCCUR AND I DON'T KNOW THE REASON, I TRIED TO RESOLVE IT BUT WITHOUT SUCCESS. I AM USING UBUNTU AND APACHE2.

2

There is a DNS issue with your server.

3 Likes
3

Why would you run THAT command? With the --preconfigured-renewal option? Because that option is not meant to be run by the user itself.

2 Likes
4

The firewall is actually blocked. It is
Now there was another type of error.

Commands below:

root@tortuga:~# certbot --apache

Saving debug log to /var/log/letsencrypt/letsencrypt.log

Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: tortuga.etpi.com.br
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Requesting a certificate for tortuga.etpi.com.br

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
  Domain: tortuga.etpi.com.br
  Type:   connection
  Detail: 173.249.1.113: Fetching http://tortuga.etpi.com.br/.well-known/acme-challenge/dH3MFJhxZdmZ7R0MaTvQ_u7HqFx5lGfXFz5s0g1WzX4: Error getting validation data

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.




---------------------------------------------------------------------

LOGS:

2024-03-01 14:07:31,689:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
2024-03-01 14:07:32,277:DEBUG:certbot._internal.main:certbot version: 2.9.0
2024-03-01 14:07:32,278:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/3643/bin/certbot
2024-03-01 14:07:32,278:DEBUG:certbot._internal.main:Arguments: ['--apache', '--preconfigured-renewal']
2024-03-01 14:07:32,278:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2024-03-01 14:07:32,294:DEBUG:certbot._internal.log:Root logging level set at 30
2024-03-01 14:07:32,296:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2024-03-01 14:07:32,400:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.52
2024-03-01 14:07:32,620:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Authenticator, Installer, Plugin
Entry point: EntryPoint(name='apache', value='certbot_apache._internal.entrypoint:ENTRYPOINT', group='certbot.plugins')
Initialized: <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7fda4f8ba370>
Prep: True
2024-03-01 14:07:32,621:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7fda4f8ba370> and installer <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7fda4f8ba370>
2024-03-01 14:07:32,622:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2024-03-01 14:07:32,707:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/1593485277', new_authzr_uri=None, terms_of_service=None), 76c0a0377e54c5131906abe9eeba7940, Meta(creation_dt=datetime.datetime(2024, 2, 28, 16, 25, 58, tzinfo=<UTC>), creation_host='vmi247511.contaboserver.net', register_to_eff='comercial@etpi.com.br'))>
2024-03-01 14:07:32,708:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2024-03-01 14:07:32,712:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2024-03-01 14:07:33,144:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 752
2024-03-01 14:07:33,145:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 01 Mar 2024 17:07:33 GMT
Content-Type: application/json
Content-Length: 752
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "bdNINx2O3QQ": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-02/renewalInfo/",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2024-03-01 14:07:38,604:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for tortuga.etpi.com.br
2024-03-01 14:07:38,633:DEBUG:acme.client:Requesting fresh nonce
2024-03-01 14:07:38,633:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2024-03-01 14:07:38,775:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2024-03-01 14:07:38,776:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 01 Mar 2024 17:07:38 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: cotaLR5qkMTl-plX7H7JmII7oWBFgrRJZll7azcBYSdcAC5QRng
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2024-03-01 14:07:38,776:DEBUG:acme.client:Storing nonce: cotaLR5qkMTl-plX7H7JmII7oWBFgrRJZll7azcBYSdcAC5QRng
2024-03-01 14:07:38,776:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "tortuga.etpi.com.br"\n    }\n  ]\n}'
2024-03-01 14:07:38,780:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTU5MzQ4NTI3NyIsICJub25jZSI6ICJjb3RhTFI1cWtNVGwtcGxYN0g3Sm1JSTdvV0JGZ3JSSlpsbDdhemNCWVNkY0FDNVFSbmciLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9",
  "signature": "V63oePXVRyXwQA7zRaJzlMhpExjjAV4xWP25Mlr9RteMnddRaBw2KVft-K0TNIyISO_K09cZwvEKJumjwhzK9WMK5ebd6G5GoWd2zPfz3IjIvQSRjXGFlfVTaixh0cYQJLsl13bVp1cDW2jUspolOISklkXV_Vskjd6EYUCeGd4IjRWySQJfGnlho0Mv4EnL6Rf7JcEBNY9ngkjpoOAqZh1BJlsMtAB8q-4j0R3_eN8W5O_CCbGOdyrBB1FTx74GWfEf3kzQiz7O_8RPzr4NYtUt9ks9Qnwt2dYnN_1H0TDPK61iiiFV4_L2vBoL5j9I6P49asF34DohviC1JIEeyA",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInRvcnR1Z2EuZXRwaS5jb20uYnIiCiAgICB9CiAgXQp9"
}
2024-03-01 14:07:39,183:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 345
2024-03-01 14:07:39,183:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Fri, 01 Mar 2024 17:07:39 GMT
Content-Type: application/json
Content-Length: 345
Connection: keep-alive
Boulder-Requester: 1593485277
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/1593485277/248767240927
Replay-Nonce: iCRP5AvKYrfq3N-rWvHwYCSB23TzCgEvvmZIz46HKgaX7G815CQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2024-03-08T17:07:38Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "tortuga.etpi.com.br"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/321283557267"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/1593485277/248767240927"
}
2024-03-01 14:07:39,183:DEBUG:acme.client:Storing nonce: iCRP5AvKYrfq3N-rWvHwYCSB23TzCgEvvmZIz46HKgaX7G815CQ
2024-03-01 14:07:39,184:DEBUG:acme.client:JWS payload:
b''
2024-03-01 14:07:39,185:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/321283557267:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTU5MzQ4NTI3NyIsICJub25jZSI6ICJpQ1JQNUF2S1lyZnEzTi1yV3ZId1lDU0IyM1R6Q2dFdnZtWkl6NDZIS2dhWDdHODE1Q1EiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzMyMTI4MzU1NzI2NyJ9",
  "signature": "e45HboKu-BLwMjq-5_nKTzU3rShCJZerc_RARlFdys-hXHtX0CejxBdSmbICDQFIovxB7wVuunCo03YfdRNQ8-xf9-CswaMMCtG6LAP6Ggk9A1_dJNlWsNcFTS_fxG0G4rgjc9fv4TWpCKfjczw48VM2hHC32zCJgiEBXPKbnWRmqDTKVxiJAgvaMzAE2Ls-H7Igt2FdCuhwVMcpCR8sVHdzzx5ySxhpIPExuhkBumboQG411HWQpzMPtbZ8gzU3TdE6ou1kZAudJSPAjYrtPvlYwQ_x8WzabFHWbqcBOdXkUq9SFWD64-t8EfVW5AGYFEFthhS46KZ9KaDfEx7H5A",
  "payload": ""
}
2024-03-01 14:07:39,416:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/321283557267 HTTP/1.1" 200 803
2024-03-01 14:07:39,417:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 01 Mar 2024 17:07:39 GMT
Content-Type: application/json
Content-Length: 803
Connection: keep-alive
Boulder-Requester: 1593485277
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: cotaLR5qD58NQGi0HJAmHkOTLsh2w899n5PUMmTMPAm1pfBia2c
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "tortuga.etpi.com.br"
  },
  "status": "pending",
  "expires": "2024-03-08T17:07:38Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/321283557267/-_Nx1w",
      "token": "dH3MFJhxZdmZ7R0MaTvQ_u7HqFx5lGfXFz5s0g1WzX4"
    },
    {
      "type": "dns-01",
      "status": "pending",


.
.
.
.
.
2024-03-01 14:07:44,342:INFO:certbot._internal.auth_handler:Challenge failed for domain tortuga.etpi.com.br
2024-03-01 14:07:44,342:INFO:certbot._internal.auth_handler:http-01 challenge for tortuga.etpi.com.br
2024-03-01 14:07:44,342:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
  Domain: tortuga.etpi.com.br
  Type:   connection
  Detail: 173.249.1.113: Fetching http://tortuga.etpi.com.br/.well-known/acme-challenge/dH3MFJhxZdmZ7R0MaTvQ_u7HqFx5lGfXFz5s0g1WzX4: Error getting validation data

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

2024-03-01 14:07:44,344:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/snap/certbot/3643/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 108, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, max_time_mins, best_effort)
  File "/snap/certbot/3643/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 212, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2024-03-01 14:07:44,344:DEBUG:certbot._internal.error_handler:Calling registered functions
2024-03-01 14:07:44,344:INFO:certbot._internal.auth_handler:Cleaning up challenges
2024-03-01 14:07:44,578:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/snap/certbot/3643/bin/certbot", line 8, in <module>
    sys.exit(main())
  File "/snap/certbot/3643/lib/python3.8/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
5

I was actually testing it because it hadn't worked before. But I only did it once.

6

Are you seeing anything related to ACME challenge requests in the Apache logs?
I get this for an HTTP request:

curl -Ii http://tortuga.etpi.com.br/.well-known/acme-challenge/Test_File-1234
curl: (56) Recv failure: Connection reset by peer

And this for an HTTPS request [VERY STRANGE]:

curl -Ii https://tortuga.etpi.com.br/.well-known/acme-challenge/Test_File-1234
curl: (7) Failed to connect to tortuga.etpi.com.br port 443 after 139 ms: No route to host

Also, please show the output from your server of this command:

curl -4 ifconfig.me

2 Likes
7

error:
Could not resolve host: ifconfig or ifconfig.me

ifconfig or ifconfig.me ?

8

So sorry
That should have been:

curl -4 ipconfig.me

1 Like
9

I don't think it matter much as it redirects.

$ curl -Ii ipconfig.me
HTTP/1.1 301 Moved Permanently
Date: Fri, 01 Mar 2024 20:08:05 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 54
Connection: keep-alive
cache-control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: -1
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Security-Policy: script-src 'self'
Location: https://ifconfig.me/
Vary: Accept
1 Like
10

I should look twice before I post - LOL

Try:

curl -4 ifconfig.io

2 Likes
11

Or
curl -4 ifconfig.co

1 Like
12

OK, then we can consolidate them into:

curl -4 ifconfig.[co|io|me]

[one of those three should work]

1 Like
13

I like that one @rg305

1 Like
14

image

15

Is your DNS working?
Show:
dig www.google.com
cat /etc/resolv.conf

2 Likes
16

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.