'urn:acme:error:connection' errors reported by the server

Hey everyone,

Trying to install my first batch of certificates, here is what I have done so far;

cd /etc
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto
./letsencrypt-auto --apache

However, it would appear the following error is received;

IMPORTANT NOTES:

  • The following 'urn:acme:error:connection' errors were reported by
    the server:

Domains: domain.tld, www.domain.tld
Error: The server could not connect to the client for DV

The domains in question use CloudFlare; however, I have disabled CloudFlare's protection on these domains. I hadn't done this the first time I used ./letsencrypt-auto --apache, and a different error was produced (a TLS error).

Any ideas as to what I have done wrong? I'm running Ubuntu 14.04 LTS.

I was getting this error and it ended up being a DNS issue.

Make sure the domains you’re trying to register resolve. I ran the command again with the flags --text -vv to see the errors, which led me to the address resolution issue.

Seeming increasingly likely, yeah. Also, would it possibly be caused by the fact Apache is running on a secondary IP allocated to the server?

I think it looks at the IP associated with the domain via DNS and the primary IP on the server, not sure to be honest… I haven’t used the client yet for an Apache config, only nginx so far.

That’s what I had thought, changed Apache to run on the main IP and updated the DNS, though it seems to be producing the same error. Thanks for your help though!

Fixed this issue by updating /etc/apache2/ports.conf and replacing Listen (IP):443 with just Listen 443. This presents a major issue as it means I cannot run Apache on just one IP address. Any ways around this?

Which instructions did you follow in order to install on nginx? Did you do it on your local computer or SSH into AWS?

I’m using Apache currently, running it on Ubuntu 14.04 on an OVH dedicated server.

I meant the question to be for @relativemedia

I'm using certonly webroot and manually editing the nginx config.

Hi, I’m also getting this on a pretty stock Apache 2.4 with Ubuntu 14.10. Already followed the possible solutions in here but nothing so far has stopped the errors.

What is the output on failure? From what I can see, the error messages all look very similar but you need to look quite closely to see the exact issue.

Failed authorization procedure. {redacted} (tls-sni-01): urn:acme:error:tls :: The server experienced a TLS error during DV :: Failed to connect to host for DVSNI challenge

IMPORTANT NOTES:

  • The following 'urn:acme:error:tls' errors were reported by the
    server:

Domains: {redacted}
Error: The server experienced a TLS error during DV

That's my exact error.
I can dive deeper into the log files and I can make a pastebin if needed.

You aren’t by any chance using CloudFlare? I had this exact error until I discovered I needed to disable CloudFlare's protection (more on the issue of disabling CloudFlare just to issue a certificate here).

I was, yes. I’ll disable it and see if it works. Will check back in 5 minutes.

No problem. Sounds like the issue then. I know for a fact when I disabled it, it worked perfectly :smile:

That did fix it completely and it worked just fine; however, a new issue appeared (this is an internal one and I can’t solve this without swapping out gear at home base where it’s hosted), so for now I’ve had to revert back.

I know what to do though to get around the issue in the first place. Turn off Cloudflare!
Thanks though, really appreciate it! :+1:

No problem. Glad to hear you got it sorted :smile:

I wanted to say thanks to klw for the hint @ cloudflare, perhaps the people developing this could add a test for the header “Server:cloudflare-nginx” & have a nicer message like hey disable cloudflare so we can verify your domain.
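
The header test suggested in the last post, combined with the DNS checks discussed earlier in the thread, as an added example that is not part of the thread or of the Let's Encrypt client. The function names `diagnose` and `probe`, the finding codes, and the sample addresses (RFC 5737 documentation ranges) are constructed for illustration.

```python
import http.client
import socket
import urllib.error
import urllib.request

def diagnose(resolved_ips, server_ips, server_header):
    """Classify likely causes of a failed domain validation (DV).

    resolved_ips  -- addresses the domain resolves to in public DNS
    server_ips    -- addresses the web server actually listens on
    server_header -- value of the HTTP "Server" response header, or None
    Returns a list of (code, message) findings; empty means nothing found.
    """
    findings = []
    if not resolved_ips:
        findings.append(("dns-unresolved", "domain does not resolve"))
    elif not set(resolved_ips) & set(server_ips):
        findings.append(("dns-mismatch",
                         "DNS points at %s, server listens on %s"
                         % (sorted(resolved_ips), sorted(server_ips))))
    # "cloudflare-nginx" is the header quoted in the thread; newer
    # responses use plain "cloudflare", so match on the prefix.
    if (server_header or "").lower().startswith("cloudflare"):
        findings.append(("cdn-proxy",
                         "responses come from CloudFlare, not the origin"))
    return findings

def probe(domain, server_ips):
    """Live wrapper (needs network): gather inputs and call diagnose()."""
    try:
        infos = socket.getaddrinfo(domain, 80, proto=socket.IPPROTO_TCP)
        resolved = sorted({info[4][0] for info in infos})
    except socket.gaierror:
        resolved = []
    header = None
    if resolved:
        try:
            with urllib.request.urlopen("http://%s/" % domain, timeout=10) as r:
                header = r.headers.get("Server")
        except urllib.error.HTTPError as err:   # 4xx/5xx still carry headers
            header = err.headers.get("Server")
        except (OSError, http.client.HTTPException):  # refused, timeout, TLS
            header = None
    return diagnose(resolved, server_ips, header)

if __name__ == "__main__":
    # Constructed samples: a proxied domain, then a directly reachable one.
    print(diagnose(["198.51.100.7"], ["203.0.113.10"], "cloudflare-nginx"))
    print(diagnose(["203.0.113.10"], ["203.0.113.10"], "Apache/2.4.7 (Ubuntu)"))
```

A proxied domain normally reports both `dns-mismatch` and `cdn-proxy`, because the public DNS record then points at the CDN's edge address rather than the origin server.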