My domain is: gitlab.fkti.etu.ru
I try dehydrate with tls-alpn-01
ERROR: Challenge is invalid! (returned: invalid) (result: [type] | tls-alpn-01 |
---|---|
[status] | invalid |
[error,type] | urn:ietf:params:acme:error:connection |
[error,detail] | During secondary validation: 194.85.169.149: Timeout during connect (likely firewall problem) |
[error,status] | 400 |
[error] | {type:urn:ietf:params:acme:error:connection,detail:During secondary validation: 194.85.169.149: Timeout during connect (likely firewall problem),status:400} |
[url] | https://acme-v02.api.letsencrypt.org/acme/chall-v3/171275394257/V8alYQ |
[token] | zbY9vJA23ePnu-L9La1f5exOljnUTzMPgYkoA46rWNM |
[validationRecord,0,hostname] | gitlab.fkti.etu.ru |
[validationRecord,0,port] | 443 |
[validationRecord,0,addressesResolved,0] | 194.85.169.149 |
[validationRecord,0,addressesResolved] | [194.85.169.149] |
[validationRecord,0,addressUsed] | 194.85.169.149 |
[validationRecord,0] | {hostname:gitlab.fkti.etu.ru,port:443,addressesResolved:[194.85.169.149],addressUsed:194.85.169.149} |
[validationRecord] | [{hostname:gitlab.fkti.etu.ru,port:443,addressesResolved:[194.85.169.149],addressUsed:194.85.169.149}] |
[validated] | 2022-11-01T19:24:15Z) |
Also try certbot 1.31.0
with http-01 I see two requests
3.67.67.222 - - [01/Nov/2022:19:59:45 +0300] "GET /.well-known/acme-challenge/C26Cb01tFxiC7PhRL5F2G-EgpJanUonk1jvc43JLqLw HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's En$
23.178.112.208 - - [01/Nov/2022:19:59:46 +0300] "GET /.well-known/acme-challenge/C26Cb01tFxiC7PhRL5F2G-EgpJanUonk1jvc43JLqLw HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let'
19:44:43,464:DEBUG:certbot._internal.display.obj:Notifying user: Certbot failed to authenticate some domains (authenticator: nginx). The Certificate
Authority reported these problems:
Domain: gitlab.fkti.etu.ru
Type: connection
Detail: During secondary validation: 194.85.169.149: Fetching
http://gitlab.fkti.etu.ru/.well-known/acme-challenge/UK11SEFBVf4BmlIg5vTs0RcK7rC7jTshay4AO62vx_c: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx
server and that it is accessible from the internet.
Is any solution to resolve this?