Website opens internally and by public IP, but not by domain name, cert will not renew

My domain is:

The operating system my web server runs on a raspberry pi with Buster.

My hosting provider is: google domains

I can login to a root shell on my machine (yes)

I ran the commands on this site with errors

I had previously been successful in setting the website up with no errors in running cert commands. I have moved to a different house, same IP address, and still have port forwarding over port 80 enabled.
Attempting to access the site, it does not work unless internally.

Im assumed that the Cert for the site was needing to be renewed, when used the command
sudo certbot renew
I received this error

http-01 challenge for
http-01 challenge for
Waiting for verification...
Challenge failed for domain
http-01 challenge for
Cleaning up challenges
Failed to renew certificate with error: Some challenges have failed.

All renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/ (failure)

1 renew failure(s), 0 parse failure(s)

  • The following errors were reported by the server:

    Type: connection
    Detail: Fetching
    Timeout during connect (likely firewall problem)

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address. Additionally, please check that
    your computer has a publicly routable IP address and that no
    firewalls are preventing the server from communicating with the
    client. If you're using the webroot plugin, you should also verify
    that you are serving files from the webroot path you provided"

I have double check that the raspberry pi is port forwarded through my router via port 80.

What are some next step troubleshooting i can do here?
The device can ping as well as the gateway.
The website is reachable by public IP address via port 80.

Let me know. has IPv4 address has IPv4 address

Unless you're intending for those names to be different sites, you probably intend for them to have the same IP. If you're getting an error authenticating but it works to authenticate, I'm guessing the IP for is wrong.

Usually people expect the www. name and the name without to do the same thing, but there's nothing in the Internet standard that requires them to be that way, so you end up needing to configure some things twice. :slight_smile:

1 Like

Hello Peter,
Neither of those sites are working right now, But yes, they need to be on the same IP. Could you point in the direction on how to set both of those to the same IP?

I can access has IPv4 address via the public IP address internally, But when i attempt to access that public address off network, im prompted with a frontier(my isp) webpage stating it needs login creds...

Any next steps? I have turned the device off right now FYI

I've not used Google domains myself, but if that's who you bought your name with that's probably where you need to update DNS to point to the right IPs.

As to getting your device to be accessible from that IP from the Internet, you may need to check your router or ISP's documentation; that's a pretty broad topic.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.