Thanks for the fast response! I use dyndns to get a static address for my home server (http://staar.dyndns.org/) and point michaelstaar.com to that address. I tried to setup let's encrypt using staar.dyndns.org as well but received similar results. Is it possible to get a certificate with this kind of setup?
Below is the log when using staar.dyndns.org:
2023-02-09 19:40:03,168:DEBUG:certbot._internal.main:certbot version: 1.21.0
2023-02-09 19:40:03,168:DEBUG:certbot._internal.main:Location of certbot entry point: /bin/letsencrypt
2023-02-09 19:40:03,168:DEBUG:certbot._internal.main:Arguments: ['-a', 'webroot', '-d', 'staar.dyndns.org', '--webroot-path', '/var/www/michaelstaar.com', '--duplicate', '--force-renewal', '--non-interactive', '--agree-tos', '--config', '/tmp/.webmin/528517_7971_1_letsencrypt.cgi', '--rsa-key-size', '2048', '--cert-name', 'staar.dyndns.org']
2023-02-09 19:40:03,168:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2023-02-09 19:40:03,171:DEBUG:certbot._internal.log:Root logging level set at 30
2023-02-09 19:40:03,171:DEBUG:certbot._internal.plugins.selection:Requested authenticator webroot and installer None
2023-02-09 19:40:03,171:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: Authenticator, Plugin
Entry point: webroot = certbot._internal.plugins.webroot:Authenticator
Initialized: <certbot._internal.plugins.webroot.Authenticator object at 0x7f7372347dc0>
Prep: True
2023-02-09 19:40:03,172:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.webroot.Authenticator object at 0x7f7372347dc0> and installer None
2023-02-09 19:40:03,172:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2023-02-09 19:40:03,198:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/957724926', new_authzr_uri=None, terms_of_service=None), 23b97e9dd4ebe4cf56435b10b3f0d63d, Meta(creation_dt=datetime.datetime(2023, 2, 10, 0, 24, 34, tzinfo=<UTC>), creation_host='staarserver', register_to_eff=None))>
2023-02-09 19:40:03,199:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2023-02-09 19:40:03,199:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2023-02-09 19:40:04,140:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 756
2023-02-09 19:40:04,140:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 10 Feb 2023 00:40:04 GMT
Content-Type: application/json
Content-Length: 756
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"YzEtV6Z7Jy8": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-v02.api.letsencrypt.org/get/draft-ietf-acme-ari-00/renewalInfo/",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2023-02-09 19:40:04,140:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for staar.dyndns.org
2023-02-09 19:40:04,241:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0003_key-certbot.pem
2023-02-09 19:40:04,243:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0003_csr-certbot.pem
2023-02-09 19:40:04,244:DEBUG:acme.client:Requesting fresh nonce
2023-02-09 19:40:04,244:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2023-02-09 19:40:04,301:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2023-02-09 19:40:04,301:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 10 Feb 2023 00:40:04 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: F977xpA-S3ZMbVr1UOsSg8mgXNBHjiGwMQi7t_JYg4TwC-M
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2023-02-09 19:40:04,301:DEBUG:acme.client:Storing nonce: F977xpA-S3ZMbVr1UOsSg8mgXNBHjiGwMQi7t_JYg4TwC-M
2023-02-09 19:40:04,301:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "staar.dyndns.org"\n }\n ]\n}'
2023-02-09 19:40:04,302:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU3NzI0OTI2IiwgIm5vbmNlIjogIkY5Nzd4cEEtUzNaTWJWcjFVT3NTZzhtZ1hOQkhqaUd3TVFpN3RfSllnNFR3Qy1NIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
"signature": "VWdaiD9FpIk-Hs1P1PceqYRIA12wYmxCqMnH6CNIDj7fDbdE653jhV9ecUI_ZZY-kB8wOIouNzjwXVe7Dohe8KQy1IyEKo41Ivyp4Un2aJ4s_FRnX4-xwQa9kl_BX7XaXul3GnCzB_N8QuzVlfUT9APb0OGX-hj3nvZqpBnLsDJRhVbtOQIARksCArssaFYlCQgeblzVR0BcStX-PUutV4EBx5WsvetaRB0lHbF9Q-1RnFdXidVMlNX7vjwdPmuiykXk6guJAygaDWtpWZv1c6pQiP1PsRQrJatd9Jd2SmDNgfgJhNi_O91wn82NIMsjdcaRo-EDfxnzneCE4w4zrQ",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInN0YWFyLmR5bmRucy5vcmciCiAgICB9CiAgXQp9"
}
2023-02-09 19:40:04,385:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 341
2023-02-09 19:40:04,385:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Fri, 10 Feb 2023 00:40:04 GMT
Content-Type: application/json
Content-Length: 341
Connection: keep-alive
Boulder-Requester: 957724926
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/957724926/163895050056
Replay-Nonce: 2712Hq-4eTqSw8Vtb0Qkm4236beKVSTf2kKhHGqxM76cbmk
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2023-02-17T00:40:04Z",
"identifiers": [
{
"type": "dns",
"value": "staar.dyndns.org"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/202228892046"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/957724926/163895050056"
}
2023-02-09 19:40:04,385:DEBUG:acme.client:Storing nonce: 2712Hq-4eTqSw8Vtb0Qkm4236beKVSTf2kKhHGqxM76cbmk
2023-02-09 19:40:04,385:DEBUG:acme.client:JWS payload:
b''
2023-02-09 19:40:04,386:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/202228892046:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU3NzI0OTI2IiwgIm5vbmNlIjogIjI3MTJIcS00ZVRxU3c4VnRiMFFrbTQyMzZiZUtWU1RmMmtLaEhHcXhNNzZjYm1rIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDIyMjg4OTIwNDYifQ",
"signature": "TI2EPp67Rwn3aapG9rHqE1Y4QbmnwJdVJen9fmJLeUKdIMfdDa25RCi8Mbh82pd6C6km3Ad73VG_FCTQMCackMfSdkqKrE8urtQEzbWFE5RWll4SWOPgBbJ837KPSAkh1JD1EzTz__96-R51-RjYfDMr-h-Cg-CYNyostneeiD6jq-Cp2fO72hsQ2bWIBc-f-AUIdimhMeJigSMUsd95YTSvRiph1EM1eQglH-g4C0eqPRM_3vxDOP0_k_cEMAYx6lD4pJVAplFdmOWBoma-TYRd3w5nwkaxWa5fH8f2gkCPhXszI6gzcPgKpCRrnXT7jgw5hImuMObC4-earGsvnQ",
"payload": ""
}
2023-02-09 19:40:04,446:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/202228892046 HTTP/1.1" 200 800
2023-02-09 19:40:04,446:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 10 Feb 2023 00:40:04 GMT
Content-Type: application/json
Content-Length: 800
Connection: keep-alive
Boulder-Requester: 957724926
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 2712lpjmK1kMymlBdDWFDD6_1RdPHrHmDLHwtwjExfZ0jOE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "staar.dyndns.org"
},
"status": "pending",
"expires": "2023-02-17T00:40:04Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tfE5Sw",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tovs8Q",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tX7hgA",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
}
]
}
2023-02-09 19:40:04,447:DEBUG:acme.client:Storing nonce: 2712lpjmK1kMymlBdDWFDD6_1RdPHrHmDLHwtwjExfZ0jOE
2023-02-09 19:40:04,447:INFO:certbot._internal.auth_handler:Performing the following challenges:
2023-02-09 19:40:04,447:INFO:certbot._internal.auth_handler:http-01 challenge for staar.dyndns.org
2023-02-09 19:40:04,447:INFO:certbot._internal.plugins.webroot:Using the webroot path /var/www/michaelstaar.com for all unmatched domains.
2023-02-09 19:40:04,447:DEBUG:certbot._internal.plugins.webroot:Creating root challenges validation dir at /var/www/michaelstaar.com/.well-known/acme-challenge
2023-02-09 19:40:04,447:DEBUG:certbot._internal.plugins.webroot:Attempting to save validation to /var/www/michaelstaar.com/.well-known/acme-challenge/JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM
2023-02-09 19:40:04,447:DEBUG:acme.client:JWS payload:
b'{}'
2023-02-09 19:40:04,448:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tfE5Sw:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU3NzI0OTI2IiwgIm5vbmNlIjogIjI3MTJscGptSzFrTXltbEJkRFdGREQ2XzFSZFBIckhtRExId3R3akV4Zlowak9FIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yMDIyMjg4OTIwNDYvdGZFNVN3In0",
"signature": "Yadmvy-r68VcuTl0jmYOveyxswpaIyO8-7kYHutHrDn1LDGBNMHtO-e4M5VqF5OHdzzKZxzaymd0smosb2xrYe0NrWCR7oZvzPDH_iGo-nfluirdBvp1kFp5MTSNf86Uapz5DTX6cuLriP_Z-19jsxu8lwo_gX46L7Mmdi9aTLpApHnYiqya4GIhxZRfcmIY2HbyQX8LR2THLluFgX0_QwbaBLGP9PGnJx-zRtcRaXlkp3k1DI0bgsLjCwuCJn6vaM60_XVHeZ253nmlxCpb4UJKMpTPKF2dkE4tD4TjOswurjqbt05D12Y4f_Gvkm6Om5hvwc2QdX_jcxwLk3YsXw",
"payload": "e30"
}
2023-02-09 19:40:04,518:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/202228892046/tfE5Sw HTTP/1.1" 200 187
2023-02-09 19:40:04,518:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 10 Feb 2023 00:40:04 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 957724926
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/202228892046>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tfE5Sw
Replay-Nonce: 853FH0hTqovpdMcTBFBiEUx5rMiPd6OcYWpC4inEHf2YI10
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tfE5Sw",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
}
2023-02-09 19:40:04,518:DEBUG:acme.client:Storing nonce: 853FH0hTqovpdMcTBFBiEUx5rMiPd6OcYWpC4inEHf2YI10
2023-02-09 19:40:04,519:INFO:certbot._internal.auth_handler:Waiting for verification...
2023-02-09 19:40:05,520:DEBUG:acme.client:JWS payload:
b''
2023-02-09 19:40:05,520:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/202228892046:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU3NzI0OTI2IiwgIm5vbmNlIjogIjg1M0ZIMGhUcW92cGRNY1RCRkJpRVV4NXJNaVBkNk9jWVdwQzRpbkVIZjJZSTEwIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDIyMjg4OTIwNDYifQ",
"signature": "Z1mrPtpq-5jYpZhRyMH05KE4Lri_KlpBt0Lik2oY4Up3WHhIq4YR4ZFNx1iOFT5eUiOOguXJz8TNRToz-NlPdzEGI70DA-wcJvywdxm39CGNnJy9O29Ey7HWNprfk9UGwyj5VSrMUxVAaH9eCjqWFKksq1h5xCJn4ZD7svgtwGKU9uYgw0Gq8QW8izZOPBHsgIBzlrAciRxl1_YY4APHHIHJhZ-pUxY60uv4fmWhuEHrFIfpbPvzIU-fyao91llhfDsndiGhN1c7EFrmk4K-8rRk9RuXjqNLGnzJEacLMmHWkLuwVa9a9CU9SGsWHS-hnvGgxoJIbao5T9IhxJVnfA",
"payload": ""
}
2023-02-09 19:40:05,594:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/202228892046 HTTP/1.1" 200 800
2023-02-09 19:40:05,594:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 10 Feb 2023 00:40:05 GMT
Content-Type: application/json
Content-Length: 800
Connection: keep-alive
Boulder-Requester: 957724926
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: A5FEsqBn7vIjHTG3MJVL0mOJFZgh-i2P0FO1v4iOYphrD9A
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "staar.dyndns.org"
},
"status": "pending",
"expires": "2023-02-17T00:40:04Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tfE5Sw",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tovs8Q",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tX7hgA",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
}
]
}
2023-02-09 19:40:05,594:DEBUG:acme.client:Storing nonce: A5FEsqBn7vIjHTG3MJVL0mOJFZgh-i2P0FO1v4iOYphrD9A
2023-02-09 19:40:08,594:DEBUG:acme.client:JWS payload:
b''
2023-02-09 19:40:08,595:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/202228892046:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU3NzI0OTI2IiwgIm5vbmNlIjogIkE1RkVzcUJuN3ZJakhURzNNSlZMMG1PSkZaZ2gtaTJQMEZPMXY0aU9ZcGhyRDlBIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDIyMjg4OTIwNDYifQ",
"signature": "ELmnQ97e3cdF8DEa7kbqb3_Wbx6VH1h7GwikBgz-iNLLWYzO7JVQB3Wtby0LHQ_t28XGu_oVhIGWqm_G0x-0LlrUwXPTM5fwsIizorm-K0I7wGGmW8sIqHzlK9IqYtPhtOTM4xOAV9mQ9uL59NSvzA-wLhY-ITCH8JH5Bw2wqxx_ouC3qNZA7sju9xWSiHZoLevfilk2KvEIrFshb0R7AqQjLNhqUdECSMq8LaFiBR6ng4bhhf8GC9oKZa6QuoaMkEwLRd7WXwDlxzosi-C7GXVKIkhtNq7GXZcJNXkQ5A0pY1eL5F7t2zuEFOQUE_AfLHZ86H8tbI3EhMquDI37BQ",
"payload": ""
}
2023-02-09 19:40:08,668:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/202228892046 HTTP/1.1" 200 800
2023-02-09 19:40:08,668:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 10 Feb 2023 00:40:08 GMT
Content-Type: application/json
Content-Length: 800
Connection: keep-alive
Boulder-Requester: 957724926
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: F977SrRV8HyEVJi99gBrcZnr3eWbZxUPp_KdF6sayY_aX3Q
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "staar.dyndns.org"
},
"status": "pending",
"expires": "2023-02-17T00:40:04Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tfE5Sw",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tovs8Q",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tX7hgA",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
}
]
}
2023-02-09 19:40:08,668:DEBUG:acme.client:Storing nonce: F977SrRV8HyEVJi99gBrcZnr3eWbZxUPp_KdF6sayY_aX3Q
2023-02-09 19:40:11,670:DEBUG:acme.client:JWS payload:
b''
2023-02-09 19:40:11,671:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/202228892046:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU3NzI0OTI2IiwgIm5vbmNlIjogIkY5NzdTclJWOEh5RVZKaTk5Z0JyY1pucjNlV2JaeFVQcF9LZEY2c2F5WV9hWDNRIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDIyMjg4OTIwNDYifQ",
"signature": "SK7jMu3zjf6kBjNu3E7Xo9cA5zF3uiIxj8ln2iPoXddwUY8pAhrz5RtWsNk6f2AA-dkLvb58wJaRQUfGDIVkDlNqtbsgrxs5UoxfotszO3G7mIlWKeDd61g7jKiK5mYU7S1WTnuxiILKuFFPejEuch_bd8dcJURBD2tCgC5r0lWXsWxoHSHiWiDISiu28K63g9nMQLDrEqALIAu8-Xw_ditysx4xCC16TDNRhWaY9K83fsVNDso_5L88CsXw_sA56tGzz_vlz3kDH5nHHr39aA-DBx3sAg_QEAR2vxKOVKtmwSd6Cms8JMwL0do6ArZLg-Jy6tooUTy2vzu411cnjQ",
"payload": ""
}
2023-02-09 19:40:11,740:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/202228892046 HTTP/1.1" 200 800
2023-02-09 19:40:11,740:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 10 Feb 2023 00:40:11 GMT
Content-Type: application/json
Content-Length: 800
Connection: keep-alive
Boulder-Requester: 957724926
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: A5FEo1NmAgYiV4UhfVxJYBwilCLEAxEdz-q3kg2sfs8iXVI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "staar.dyndns.org"
},
"status": "pending",
"expires": "2023-02-17T00:40:04Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tfE5Sw",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tovs8Q",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tX7hgA",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
}
]
}
2023-02-09 19:40:11,740:DEBUG:acme.client:Storing nonce: A5FEo1NmAgYiV4UhfVxJYBwilCLEAxEdz-q3kg2sfs8iXVI
2023-02-09 19:40:14,742:DEBUG:acme.client:JWS payload:
b''
2023-02-09 19:40:14,743:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/202228892046:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU3NzI0OTI2IiwgIm5vbmNlIjogIkE1RkVvMU5tQWdZaVY0VWhmVnhKWUJ3aWxDTEVBeEVkei1xM2tnMnNmczhpWFZJIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDIyMjg4OTIwNDYifQ",
"signature": "A3EfnT0oDEnnSE0-NFmavmmCj_Bgzhe825GXKHxRMYiO3-Bht0VX647ktdvxrET0LE4WOmFn6sIdtouH4IE0i70ddoIEQ3v8yrBwQmJ6yOIhV1N9YCr2ug-y6WQTTdmQyIRhrm1Mxr0eZn-YGAc584v_WH4JBz5pFpaox_k6nWOSJFIkgbjweaGOG8WXhTsg8X4RywtrZflT72eW4KBn3k_x5kY4cxQX146Bi5UtdjhHmqXcdpOW_pqOkR1So_T_0gduGj1-uIIrVwC3sxCtKq7glpTu26PX31DmAA689FcTWa8_uE6z8u6FKznCgVOwIEQRP6AdJYmX-d3obwAZcQ",
"payload": ""
}
2023-02-09 19:40:14,812:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/202228892046 HTTP/1.1" 200 800
2023-02-09 19:40:14,812:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 10 Feb 2023 00:40:14 GMT
Content-Type: application/json
Content-Length: 800
Connection: keep-alive
Boulder-Requester: 957724926
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: A5FErZjGaqjRTmzScLVkoK8pg7LRQDZOOk2m7azKF7rUtAs
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "staar.dyndns.org"
},
"status": "pending",
"expires": "2023-02-17T00:40:04Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tfE5Sw",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tovs8Q",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tX7hgA",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM"
}
]
}
2023-02-09 19:40:14,812:DEBUG:acme.client:Storing nonce: A5FErZjGaqjRTmzScLVkoK8pg7LRQDZOOk2m7azKF7rUtAs
2023-02-09 19:40:17,814:DEBUG:acme.client:JWS payload:
b''
2023-02-09 19:40:17,815:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/202228892046:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTU3NzI0OTI2IiwgIm5vbmNlIjogIkE1RkVyWmpHYXFqUlRtelNjTFZrb0s4cGc3TFJRRFpPT2sybTdhektGN3JVdEFzIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMDIyMjg4OTIwNDYifQ",
"signature": "OXNPHTAbFFs8gUPE0ML138Gc0k7Hqr1Xjj1EY7JQja61sVXZRimwhRmWm7rncdnZPNF-cXMNpSq-TsYB0IsmhV-emZlIl-1uZYKufa3OL-sNHG1Q4b4j4qpdRd-OdoLLnVy8JSNJAi-E9LsCIMfgsXfEpmkqLKQkFInrS1-11UkViQ8vlhrGGGqWfGjgRX7nZD556DOPlAx4x6llKCPVwZTsoQbBNJqlTAkBSik0b4ZP_rzN8MLpxlF1_sDOkQeFN7qyHNym6RT3PZuyGIOIRXa7ZkIzsjYCgzM7fKgelc9Oa2MfeN3hecyZdW08sQ6-Ib0bvx3AH2o07DTIcK5lvg",
"payload": ""
}
2023-02-09 19:40:17,874:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/202228892046 HTTP/1.1" 200 1095
2023-02-09 19:40:17,875:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 10 Feb 2023 00:40:17 GMT
Content-Type: application/json
Content-Length: 1095
Connection: keep-alive
Boulder-Requester: 957724926
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: A5FEGc4urMM5U6z4vWYN4FboJHGH2AhztycJeOxGn4WRW4s
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "staar.dyndns.org"
},
"status": "invalid",
"expires": "2023-02-17T00:40:04Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:connection",
"detail": "2600:1700:62b3:10f::1003: Fetching http://staar.dyndns.org/.well-known/acme-challenge/JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM: Timeout during connect (likely firewall problem)",
"status": 400
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/202228892046/tfE5Sw",
"token": "JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM",
"validationRecord": [
{
"url": "http://staar.dyndns.org/.well-known/acme-challenge/JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM",
"hostname": "staar.dyndns.org",
"port": "80",
"addressesResolved": [
"2600:1700:62b3:10f::1003"
],
"addressUsed": "2600:1700:62b3:10f::1003"
}
],
"validated": "2023-02-10T00:40:04Z"
}
]
}
2023-02-09 19:40:17,875:DEBUG:acme.client:Storing nonce: A5FEGc4urMM5U6z4vWYN4FboJHGH2AhztycJeOxGn4WRW4s
2023-02-09 19:40:17,875:INFO:certbot._internal.auth_handler:Challenge failed for domain staar.dyndns.org
2023-02-09 19:40:17,875:INFO:certbot._internal.auth_handler:http-01 challenge for staar.dyndns.org
2023-02-09 19:40:17,875:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: staar.dyndns.org
Type: connection
Detail: 2600:1700:62b3:10f::1003: Fetching http://staar.dyndns.org/.well-known/acme-challenge/JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.
2023-02-09 19:40:17,875:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2023-02-09 19:40:17,875:DEBUG:certbot._internal.error_handler:Calling registered functions
2023-02-09 19:40:17,875:INFO:certbot._internal.auth_handler:Cleaning up challenges
2023-02-09 19:40:17,875:DEBUG:certbot._internal.plugins.webroot:Removing /var/www/michaelstaar.com/.well-known/acme-challenge/JxHYk4uH1ZZJgIkzjBIEbmyY8ej2NgT6g9Vg0jrrRJM
2023-02-09 19:40:17,875:DEBUG:certbot._internal.plugins.webroot:All challenges cleaned up
2023-02-09 19:40:17,875:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/bin/letsencrypt", line 33, in <module>
sys.exit(load_entry_point('certbot==1.21.0', 'console_scripts', 'certbot')())
File "/usr/lib/python3/dist-packages/certbot/main.py", line 15, in main
return internal_main.main(cli_args)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1574, in main
return config.func(config, plugins)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1434, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 133, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 459, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 389, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 439, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/usr/lib/python3/dist-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2023-02-09 19:40:17,876:ERROR:certbot._internal.log:Some challenges have failed.