Updating cert but server is not in default port 80

Please fill out the fields below so we can help you better.

My domain is:sitesat.intersite.com.br

I ran this command:./letsencrypt-auto certonly -c letsencrypt_update.ini -d sitesat.intersite.com.br --http-01-port 81

It produced this output:
/root/.local/share/letsencrypt/lib/python2.6/site-packages/cryptography/init.py:26: DeprecationWarning: Python 2.6 is no longer supported by the Python core team, please upgrade your Python. A future version of cryptography will drop support for Python 2.6
DeprecationWarning
Failed authorization procedure. sitesat.intersite.com.br (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to http://sitesat.intersite.com.br/.well-known/acme-challenge/FgI1ZKXgbi2l4VoKjbjsE57AazrmsySiH9GkVroo-Ck

IMPORTANT NOTES:

• The following errors were reported by the server:

  Domain: sitesat.intersite.com.br
  Type: connection
  Detail: Could not connect to
  http://sitesat.intersite.com.br/.well-known/acme-challenge/FgI1ZKXgbi2l4VoKjbjsE57AazrmsySiH9GkVroo-Ck

  To fix these errors, please make sure that your domain name was
  entered correctly and the DNS A record(s) for that domain
  contain(s) the right IP address. Additionally, please check that
  your computer has a publicly routable IP address and that no
  firewalls are preventing the server from communicating with the
  client. If you're using the webroot plugin, you should also verify
  that you are serving files from the webroot path you provided.

My operating system is (include version):CentOS 6.4

My web server is (include version):Apache 2.2.15+Glasfish 3.1.1

[root@IS230 letsencrypt]# cat letsencrypt_update.ini
rsa-key-size = 4096
server = https://acme-v01.api.letsencrypt.org/directory
authenticator = webroot
text = True
agree-tos = True
renew-by-default = True
email = edilmaralves@intersite.com.br
webroot-path = /sistemas/sitesat2-cte

I look at these discussions, with no success:
https://community.letsencrypt.org/t/support-for-ports-other-than-80-and-443/3419/27
https://community.letsencrypt.org/t/http-access-only-through-port-8585/14515

Before Let’s Encrypt will issue a certificate, they have to verify that you control the hostname(s) for which you’re requesting the cert. They currently have three ways of doing that: (1) HTTP authentication, (2) TLS authentication, and (3) DNS authentication.

HTTP authentication requires that they be able to connect, from the public Internet, to port 80 of each hostname for which you’re seeking a cert. You can specify a different port on the client, and it will listen on that port for the challenge, but the public Internet has to get its response on port 80.

The TLS challenge requires the same thing, but with port 443 rather than port 80.

If both ports 80 and 443 are blocked by your ISP, you should probably look at changing ISPs. However, you can also use the DNS challenge. This is not supported by certbot, but it is supported by many of the alternative clients, including letsencrypt.sh, acme.sh, and lego.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.