Using my certificate will not renew, replys connection refused

My domain is:

I ran this command:
/root/ --renew -d --force

It produced this output:
[Fri Dec 10 10:44:20 CST 2021] Renew: ''
[Fri Dec 10 10:44:25 CST 2021] Using CA:
[Fri Dec 10 10:44:27 CST 2021] Single domain=''
[Fri Dec 10 10:44:28 CST 2021] Getting domain auth token for each domain
[Fri Dec 10 10:44:37 CST 2021] Getting webroot for domain=''
[Fri Dec 10 10:44:40 CST 2021] Verifying:
[Fri Dec 10 10:44:44 CST 2021] Pending, The CA is processing your order, please just wait. (1/30)
[Fri Dec 10 10:44:49 CST 2021] error:Fetching Connection refused
[Fri Dec 10 10:44:50 CST 2021] Please check log file for more details: /root/

My web server is (include version):
Server version: Apache/2.4.23 (Linux/SUSE)
Server built: 2019-08-22 13:36:51.000000000 +0000

The operating system my web server runs on is (include version): Just upgraded to

My hosting provider, if applicable, is: Self Hosted

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
/ v3.0.2

1 Like

The message means what it says, you're trying to request a certificate for but connection attempts to it are being refused. I can't get to it either.

$ curl
curl: (7) Failed to connect to port 80 after 33 ms: Connection refused

So, either the server doesn't have the web server running, or there's some firewall in front of it that is blocking the connection. In order to use HTTP-01 authentication to get a certificate, you need to have your http site working first.



The web server was running before a power outage on Monday. Then after it came up after the outage the website was unreachable. I have been trying to get a newer version of SLES installed, and now have it at SLES12 SP5. I will try again after I am able to get to the webserver again. Thanks for your input, as I had forgot that the process requires the Letsencrypt server has to talk to the server the certificate is being issued / renewed for.

Have a great day!



I'd start unraveling this Apache mess with:
sudo apachectl -t -D DUMP_VHOSTS

Also, using --force won't make a broken system work.


Using your suggestion I was able to unravel the Apache2 issues the upgrade was not able to fix in my configuration. I was then able to renew the certificate normally. Thanks for help!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.