Skip to content

Instantly share code, notes, and snippets.

@pferrel

pferrel/errors while running "sudo certbot --nginx"

Last active August 19, 2020 22:57
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save pferrel/d8083bdb912fc989aa5c1f5087f7ea3d to your computer and use it in GitHub Desktop.
Save pferrel/d8083bdb912fc989aa5c1f5087f7ea3d to your computer and use it in GitHub Desktop.
Download ZIP
Raw
errors while running "sudo certbot --nginx"
pat@angel:~$ sudo cat /var/log/letsencrypt/letsencrypt.log
2020-08-19 22:24:17,139:DEBUG:certbot._internal.main:certbot version: 1.7.0
2020-08-19 22:24:17,140:DEBUG:certbot._internal.main:Arguments: ['--nginx']
2020-08-19 22:24:17,140:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2020-08-19 22:24:17,157:DEBUG:certbot._internal.log:Root logging level set at 20
2020-08-19 22:24:17,157:INFO:certbot._internal.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2020-08-19 22:24:17,158:DEBUG:certbot._internal.plugins.selection:Requested authenticator nginx and installer nginx
2020-08-19 22:24:17,308:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx._internal.configurator:NginxConfigurator
Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7fbb021fadf0>
Prep: True
2020-08-19 22:24:17,309:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7fbb021fadf0> and installer <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7fbb021fadf0>
2020-08-19 22:24:17,309:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx
2020-08-19 22:24:17,313:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/94108652', new_authzr_uri=None, terms_of_service=None), 2826c73ce5bcd0880b42feabf0784628, Meta(creation_dt=datetime.datetime(2020, 8, 16, 20, 23, 26, tzinfo=<UTC>), creation_host='angel', register_to_eff=None))>
2020-08-19 22:24:17,314:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2020-08-19 22:24:17,316:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2020-08-19 22:24:17,583:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2020-08-19 22:24:17,585:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 19 Aug 2020 22:24:17 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"lWIV70xsqMc": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2020-08-19 22:24:19,809:INFO:certbot._internal.main:Obtaining a new certificate
2020-08-19 22:24:19,946:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0018_key-certbot.pem
2020-08-19 22:24:19,949:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0018_csr-certbot.pem
2020-08-19 22:24:19,950:DEBUG:acme.client:Requesting fresh nonce
2020-08-19 22:24:19,950:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2020-08-19 22:24:20,009:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2020-08-19 22:24:20,009:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 19 Aug 2020 22:24:19 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0001M4gASx1ADh32BHls0Yo2wceU4HC_ThP-4HL1vCCIduE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2020-08-19 22:24:20,010:DEBUG:acme.client:Storing nonce: 0001M4gASx1ADh32BHls0Yo2wceU4HC_ThP-4HL1vCCIduE
2020-08-19 22:24:20,010:DEBUG:acme.client:JWS payload:
b'{\n "identifiers": [\n {\n "type": "dns",\n "value": "example.com"\n }\n ]\n}'
2020-08-19 22:24:20,015:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTQxMDg2NTIiLCAibm9uY2UiOiAiMDAwMU00Z0FTeDFBRGgzMkJIbHMwWW8yd2NlVTRIQ19UaFAtNEhMMXZDQ0lkdUUiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9",
"signature": "TzXyl2Z40_vHj-7bjGlUhFZEWj5LAP-bsQ8xpwkDrFk11jP0c3KMWwRLk5tuoeY_RJKab6bhxF9mLEiG8nm07P-lrku0oKbk7Rlk8Tz3dR5t5T7Qhh1ykOlA5Dh53AeETq-7olAXs00LqSWpNKTXGbBqTeeSn0rERjpfIZS0iIyM_h4YCa6QCfTiStqe5Shp_Mm9sFA_BhMjhv5eLWVl0KsXriUW3QBPBRofahLLMGO9lRMUsrPdFQqeH3auxPKxBl-65KGgRIEeaFoRgnToaCpYNguosM5StnJh4b4higgkEZbgPugFksl4iFNahEeIghOHOFh8jHIukiWvv1d0rw",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIm9jY2Ftc21hY2hldGUuY29tIgogICAgfQogIF0KfQ"
}
2020-08-19 22:24:20,567:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 347
2020-08-19 22:24:20,568:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Wed, 19 Aug 2020 22:24:20 GMT
Content-Type: application/json
Content-Length: 347
Connection: keep-alive
Boulder-Requester: 94108652
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/94108652/4768615293
Replay-Nonce: 0001hVrzSwebUSl2YIJbjJ4ZyC1kGvbC5vyKTnmXD4gE1gE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2020-08-26T22:24:20.301653776Z",
"identifiers": [
{
"type": "dns",
"value": "example.com"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/6647153594"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/94108652/4768615293"
}
2020-08-19 22:24:20,569:DEBUG:acme.client:Storing nonce: 0001hVrzSwebUSl2YIJbjJ4ZyC1kGvbC5vyKTnmXD4gE1gE
2020-08-19 22:24:20,569:DEBUG:acme.client:JWS payload:
b''
2020-08-19 22:24:20,573:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/6647153594:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTQxMDg2NTIiLCAibm9uY2UiOiAiMDAwMWhWcnpTd2ViVVNsMllJSmJqSjRaeUMxa0d2YkM1dnlLVG5tWEQ0Z0UxZ0UiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzY2NDcxNTM1OTQifQ",
"signature": "QfYhTZFgcdUlHKNP1ga7QJi-mpP2qUkFolecGBUc0EBi2zmCKcskpSscRAQaGwLZGP9YBnEaLL7TRmo9mFRAFgsgMdBzlp9-yQntKk7SyHXCdKXjU2Nk5F0v-tZNODAL6XgeVMFxy8wen55LeOWv3uMNIVQ_jipI3vRAzaiicujUJJkhtza3mEHLpyyqCwt_7YO9KKQtU6-x6aumOdiLT6zneJicRSI6Z_m-PaX864V5ql0nOFy7hx6uTlpmK2SfuNKm_Crts6rOqzWaKHJDVNZmITZKDX48aiS1KlrVW6kpH1Ds35MOH-_MucdAp3mCu--PMirWyqif-EPI-IaIOQ",
"payload": ""
}
2020-08-19 22:24:20,661:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/6647153594 HTTP/1.1" 200 795
2020-08-19 22:24:20,662:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 19 Aug 2020 22:24:20 GMT
Content-Type: application/json
Content-Length: 795
Connection: keep-alive
Boulder-Requester: 94108652
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002ubAZkDrQ7VJxLWDd5SBxZOE9oaYqUYqoEZyitmem96M
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "example.com"
},
"status": "pending",
"expires": "2020-08-26T22:24:20Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/6647153594/TE7tyQ",
"token": "bzk928_t6Uw015bftBT1WwjBp-x7eNXX0DZAhtvbMQo"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/6647153594/yxEC2w",
"token": "bzk928_t6Uw015bftBT1WwjBp-x7eNXX0DZAhtvbMQo"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/6647153594/vPv-vQ",
"token": "bzk928_t6Uw015bftBT1WwjBp-x7eNXX0DZAhtvbMQo"
}
]
}
2020-08-19 22:24:20,662:DEBUG:acme.client:Storing nonce: 0002ubAZkDrQ7VJxLWDd5SBxZOE9oaYqUYqoEZyitmem96M
2020-08-19 22:24:20,663:INFO:certbot._internal.auth_handler:Performing the following challenges:
2020-08-19 22:24:20,663:INFO:certbot._internal.auth_handler:http-01 challenge for example.com
2020-08-19 22:24:20,677:DEBUG:certbot_nginx._internal.http_01:Generated server block:
[]
2020-08-19 22:24:20,677:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-mail.conf
2020-08-19 22:24:20,678:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-image-filter.conf
2020-08-19 22:24:20,678:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf
2020-08-19 22:24:20,678:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/example.com
2020-08-19 22:24:20,678:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-stream.conf
2020-08-19 22:24:20,679:DEBUG:certbot.reverter:Creating backup of /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf
2020-08-19 22:24:20,679:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types
2020-08-19 22:24:20,680:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/nginx.conf:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
include /etc/letsencrypt/le_http_01_cert_challenge.conf;
server_names_hash_bucket_size 128;
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# pat, increase file size for uploads
client_max_body_size 100m;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
2020-08-19 22:24:20,681:DEBUG:certbot_nginx._internal.parser:Writing nginx conf tree to /etc/nginx/sites-enabled/example.com:
server {rewrite ^(/.well-known/acme-challenge/.*) $1 break; # managed by Certbot
listen 80;
server_name example.com;
root /home/pat/example.com;
index index.html;
# listen 443 ssl;
location / {
proxy_pass http://127.0.0.1:2368;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# ssl_certificate /etc/letsencrypt/live/blog.alexellis.io/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/blog.alexellis.io/privkey.pem;
# ssl on;
# location /.well-known/ {
# root /home/pat/example.com/.well-known/acme-challenge/;
# }
location /.well-known/ {
default_type "text/plain";
root /home/pat/example.com/;
}
# location / {
# return 301 https://$server_name$request_uri;
# try_files $uri $uri/ =404;
# }
location = /.well-known/acme-challenge/bzk928_t6Uw015bftBT1WwjBp-x7eNXX0DZAhtvbMQo{default_type text/plain;return 200 bzk928_t6Uw015bftBT1WwjBp-x7eNXX0DZAhtvbMQo.miQFYUoCdCTTekeHr1etY_8v4l3ZbMbSmlTLGWGhhio;} # managed by Certbot
}
2020-08-19 22:24:21,700:INFO:certbot._internal.auth_handler:Waiting for verification...
2020-08-19 22:24:21,702:DEBUG:acme.client:JWS payload:
b'{}'
2020-08-19 22:24:21,707:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/6647153594/TE7tyQ:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTQxMDg2NTIiLCAibm9uY2UiOiAiMDAwMnViQVprRHJRN1ZKeExXRGQ1U0J4Wk9FOW9hWXFVWXFvRVp5aXRtZW05Nk0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzY2NDcxNTM1OTQvVEU3dHlRIn0",
"signature": "V6fdsn6QKiWl0Y_dEjIYDObQ_thP3tWq-BDZbPcDaXsVdDJTseJgeti2JTjYWfP5oWsQ_ofe365uzwBh291uXiymaeKb3V0BLEQ4D4mrut7AbpxATnJD4cFIadaLvvthGr_cHK0y3X4dNaEW9dOcjDc1vDmsHrP3o8cWj9eLdxZaMsIYLAQkIGQunwyhKebfEZ6uILHk28bETiAW_3DNvZViTR-UUAVDQ3_wofDE7XxbOTyVLaA4GEnDfSoKHL1IFGc0h3PZIyFIG18hjmAFSXV36-dQX70Oku89goS5GNsr5C62I-i9aQuJheNkDRPo1G1fBpoxsjnB-F3MqGJZTg",
"payload": "e30"
}
2020-08-19 22:24:21,964:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/6647153594/TE7tyQ HTTP/1.1" 200 185
2020-08-19 22:24:21,965:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 19 Aug 2020 22:24:21 GMT
Content-Type: application/json
Content-Length: 185
Connection: keep-alive
Boulder-Requester: 94108652
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/6647153594>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/6647153594/TE7tyQ
Replay-Nonce: 0001tGRH_W0v8INtn5myvuIm95QJEVAOEvY90H3LzFra13c
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/6647153594/TE7tyQ",
"token": "bzk928_t6Uw015bftBT1WwjBp-x7eNXX0DZAhtvbMQo"
}
2020-08-19 22:24:21,966:DEBUG:acme.client:Storing nonce: 0001tGRH_W0v8INtn5myvuIm95QJEVAOEvY90H3LzFra13c
2020-08-19 22:24:22,968:DEBUG:acme.client:JWS payload:
b''
2020-08-19 22:24:22,972:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/6647153594:
{
"protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvOTQxMDg2NTIiLCAibm9uY2UiOiAiMDAwMXRHUkhfVzB2OElOdG41bXl2dUltOTVRSkVWQU9Fdlk5MEgzTHpGcmExM2MiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzY2NDcxNTM1OTQifQ",
"signature": "BrqOXSA63T4HbK7Y9rLxqi5sWnFzwWuQLkzrfqNI_33M1XOQT8Zqt2y9cJIGDBvAapxHTyjnp_HyaoTiftxM73e4MvmHU2Sr6dektznfISu6TKYjzNHwCZwCgpxWwKXjSpzxNTnNBNqbO0AAuIwaAPArvcCIHTFBhDaH_KHiqUDpgxE8oGTE_qajWkotWBz_nvyW9IzVE1yL4FMxLkwUY35A4SeDz42lPRqqe00wedqTbD7Yk69Tsexd9yX69NadjVRRN6NpBN2ZiLIVQaTs4TqUVGPCp7zQ1bY1vPkNWnmjhPKqRwjDd9F752dviqqPVv8P0m4Yh7nkkM7nO5CQmA",
"payload": ""
}
2020-08-19 22:24:23,050:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/6647153594 HTTP/1.1" 200 974
2020-08-19 22:24:23,051:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Wed, 19 Aug 2020 22:24:23 GMT
Content-Type: application/json
Content-Length: 974
Connection: keep-alive
Boulder-Requester: 94108652
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0002L5nLi1wvSQIR9E4Spc5RoqS1oGizSpnQ6lNuD1ox8ag
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "example.com"
},
"status": "invalid",
"expires": "2020-08-26T22:24:20Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:connection",
"detail": "Fetching http://example.com/.well-known/acme-challenge/bzk928_t6Uw015bftBT1WwjBp-x7eNXX0DZAhtvbMQo: Connection refused",
"status": 400
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/6647153594/TE7tyQ",
"token": "bzk928_t6Uw015bftBT1WwjBp-x7eNXX0DZAhtvbMQo",
"validationRecord": [
{
"url": "http://example.com/.well-known/acme-challenge/bzk928_t6Uw015bftBT1WwjBp-x7eNXX0DZAhtvbMQo",
"hostname": "example.com",
"port": "80",
"addressesResolved": [
"73.35.185.91"
],
"addressUsed": "73.35.185.91"
}
]
}
]
}
2020-08-19 22:24:23,052:DEBUG:acme.client:Storing nonce: 0002L5nLi1wvSQIR9E4Spc5RoqS1oGizSpnQ6lNuD1ox8ag
2020-08-19 22:24:23,053:WARNING:certbot._internal.auth_handler:Challenge failed for domain example.com
2020-08-19 22:24:23,053:INFO:certbot._internal.auth_handler:http-01 challenge for example.com
2020-08-19 22:24:23,053:DEBUG:certbot._internal.reporter:Reporting to user: The following errors were reported by the server:
Domain: example.com
Type: connection
Detail: Fetching http://example.com/.well-known/acme-challenge/bzk928_t6Uw015bftBT1WwjBp-x7eNXX0DZAhtvbMQo: Connection refused
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2020-08-19 22:24:23,054:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
File "/snap/certbot/500/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/snap/certbot/500/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2020-08-19 22:24:23,055:DEBUG:certbot._internal.error_handler:Calling registered functions
2020-08-19 22:24:23,055:INFO:certbot._internal.auth_handler:Cleaning up challenges
2020-08-19 22:24:24,192:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
File "/snap/certbot/500/bin/certbot", line 8, in <module>
sys.exit(main())
File "/snap/certbot/500/lib/python3.8/site-packages/certbot/main.py", line 15, in main
return internal_main.main(cli_args)
File "/snap/certbot/500/lib/python3.8/site-packages/certbot/_internal/main.py", line 1357, in main
return config.func(config, plugins)
File "/snap/certbot/500/lib/python3.8/site-packages/certbot/_internal/main.py", line 1101, in run
new_lineage = _get_and_save_cert(le_client, config, domains,
File "/snap/certbot/500/lib/python3.8/site-packages/certbot/_internal/main.py", line 121, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/snap/certbot/500/lib/python3.8/site-packages/certbot/_internal/client.py", line 418, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File "/snap/certbot/500/lib/python3.8/site-packages/certbot/_internal/client.py", line 351, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/snap/certbot/500/lib/python3.8/site-packages/certbot/_internal/client.py", line 398, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File "/snap/certbot/500/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 91, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/snap/certbot/500/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 180, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2020-08-19 22:24:24,195:ERROR:certbot._internal.log:Some challenges have failed.
pat@angel:~$
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment