Urn:acme:error:connection :: Connection impossible from the server on port 443

hamzaa · June 15, 2017, 10:20am

Please fill out the fields below so we can help you better.

I ran this command:
certbot

It produced this output:
Which names would you like to activate HTTPS for?
-------------------------------------------------------------------------------
1: glpi.cefim.eu
-------------------------------------------------------------------------------
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel):1
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for glpi.cefim.eu
/usr/lib/python2.7/dist-packages/OpenSSL/rand.py:58: UserWarning: implicit cast from 'char ’ to a different pointer type: will be forbidden in the future (check that the types are as you expect; use an explicit ffi.cast() if they are correct)
** result_code = _lib.RAND_bytes(result_buffer, num_bytes)*
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. glpi.cefim.eu (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to 52.17.128.132:443 for tls-sni-01 challenge

IMPORTANT NOTES:
** - The following errors were reported by the server:**

** Domain: glpi.cefim.eu**
** Type: connection**
** Detail: Failed to connect to 52.17.128.132:443 for tls-sni-01**
** challenge**

** To fix these errors, please make sure that your domain name was**
** entered correctly and the DNS A record(s) for that domain**
** contain(s) the right IP address. Additionally, please check that**
** your computer has a publicly routable IP address and that no**
** firewalls are preventing the server from communicating with the**
** client. If you’re using the webroot plugin, you should also verify**
** that you are serving files from the webroot path you provided.**

My web server is (include version):
Server version: Apache/2.4.10 (Debian)

The operating system my web server runs on is (include version):
Linux CertBot 3.16.0-4-686-pae #1 SMP Debian 3.16.43-2 (2017-04-30) i686 GNU/Linux

My hosting provider, if applicable, is:
AWS

I can login to a root shell on my machine (yes or no, or I don’t know):
YES

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
NO

I just saw on the firewall rules that the port 443 isn’t close. Please help and tell me if you need more informations.
Thanks

Patches · June 15, 2017, 7:31pm

I can see that port 80 (unencrypted HTTP) is open on that IP address while port 443 (HTTPS) is closed.

Are you sure you opened port 443 in both your operating system firewall (via ssh) and in the Amazon Web Services control panel?

system · July 15, 2017, 7:32pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.