Urn:ietf:params:acme:error:connection

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: my.pelvan.host

I ran this command: -

It produced this output:

Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/204587814696.

Details:

Type: urn:ietf:params:acme:error:connection

Status: 400

Detail: 37.221.92.47: Fetching http://my.pelvan.host/.well-known/acme-challenge/11fFSgYgRUJbd_aBD8c-PnLpnzQWhvONEsYA_gzuc64: Connection reset by peer

My web server is (include version): plesk

The operating system my web server runs on is (include version): plesk

My hosting provider, if applicable, is: plesk

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): -

Something is weird about your server.

The first HTTP request seems to get abruptly interrupted, and then follow-up ones work okay. This is happening to me from multiple locations:

root@letsdebug:~# curl -i my.pelvan.host
curl: (56) Recv failure: Connection reset by peer

root@letsdebug:~# curl -i my.pelvan.host
HTTP/1.1 301 Moved Permanently
Server: nginx

and

root@army-p-nutty:~# curl -i my.pelvan.host
curl: (56) Recv failure: Connection reset by peer

root@army-p-nutty:~# curl -i my.pelvan.host
HTTP/1.1 301 Moved Permanently
Server: nginx

Whatever is doing that (some kind of weird firewall?) is definitely going to cause you problems for your attempts to get a certificate.

4 Likes

Here is what I presently see

$ curl -k -Ii http://my.pelvan.host/.well-known/acme-challenge/11fFSgYgRUJbd_aBD8c-PnLpnzQWhvONEsYA_gzuc64
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 19 Feb 2023 00:50:31 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://my.pelvan.host/.well-known/acme-challenge/11fFSgYgRUJbd_aBD8c-PnLpnzQWhvONEsYA_gzuc64
$ curl -k -Ii https://my.pelvan.host/.well-known/acme-challenge/11fFSgYgRUJbd_aBD8c-PnLpnzQWhvONEsYA_gzuc64
HTTP/2 200
server: nginx
date: Sun, 19 Feb 2023 00:50:38 GMT
content-type: text/plain
content-length: 87
last-modified: Sun, 19 Feb 2023 00:40:49 GMT
etag: "63f17011-57"
x-powered-by: PleskLin
accept-ranges: bytes
$ curl -k https://my.pelvan.host/.well-known/acme-challenge/11fFSgYgRUJbd_aBD8c-PnLpnzQWhvONEsYA_gzuc64 ; echo
11fFSgYgRUJbd_aBD8c-PnLpnzQWhvONEsYA_gzuc64.q09c5Prp57LDmuqC3UaBu3xxJ7BtLEeSbL6mgrQ0eNM

And Let's Debug show OK https://letsdebug.net/my.pelvan.host/1379323

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.