Hello
All SSL Stoped renew 'all SSL expired' for all domains under all users.
----------------------------------------------------
Full response: {"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:connection","detail":"x.x.x.x: Fetching https:\/\/hledambyt-bilina.cz\/.well-known\/acme-challenge\/xxorTIHiTidXMf1lYhwV0m1KT8-obVxVqAL1Dgbf13I: Timeout during connect (likely firewall problem)","status":400},"url":"https:\/\/acme-v02.api.letsencrypt.org\/acme\/chall-v3\/210895207117\/-NQ18Q","token":"xxorTIHiTidXMf1lYhwV0m1KT8-obVxVqAL1Dgbf13I","validationRecord":[{"url":"http:\/\/hledambyt-bilina.cz\/.well-known\/acme-challenge\/xxorTIHiTidXMf1lYhwV0m1KT8-obVxVqAL1Dgbf13I","hostname":"hledambyt-bilina.cz","port":"80","addressesResolved":["x.x.x.x","2605:a1426322::1"],"addressUsed":"2605:a1426322::1"},{"url":"http:\/\/hledambyt-bilina.cz\/.well-known\/acme-challenge\/xxorTIHiTidXMf1lYhwV0m1KT8-obVxVqAL1Dgbf13I","hostname":"hledambyt-bilina.cz","port":"80","addressesResolved":["x.x.x.x","2605:a1426322::1"],"addressUsed":"x.x.x.x"},{"url":"https:\/\/hledambyt-bilina.cz\/.well-known\/acme-challenge\/xxorTIHiTidXMf1lYhwV0m1KT8-obVxVqAL1Dgbf13I","hostname":"hledambyt-bilina.cz","port":"443","addressesResolved":["154.53.32.10","2605:a1426322::1"],"addressUsed":"2605:a1426322::1"}],"validated":"2023-03-14T23:08:34Z"}
[15-Mar-2023 00:08:58] INFO | check domain "www.hledambyt-bilina.cz'
[15-Mar-2023 00:08:58] INFO | certificate is valid until 2023-02-28 21:17:29 (0 days left)
[15-Mar-2023 00:08:58] INFO | certificate is in renewal period
[15-Mar-2023 00:08:58] INFO | renew cert
[15-Mar-2023 00:08:58] INFO | Using certificate authority: "https://acme-v02.api.letsencrypt.org/" (PRODUCTION).
[15-Mar-2023 00:08:58] INFO | Getting endpoint URLs.
[15-Mar-2023 00:08:58] INFO | Account "bonvulux" already registered. Continue.
[15-Mar-2023 00:08:58] INFO | Requesting Key ID.
[15-Mar-2023 00:08:58] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/acme/new-acct".
[15-Mar-2023 00:08:59] INFO | Start certificate generation.
[15-Mar-2023 00:08:59] INFO | Delete old token "/home/keyhelp/www/.well-known/acme-challenge/6qy47TWGCaIlJIfhAz6cydgY0Mh0ckChzMt12x9m4L4".
[15-Mar-2023 00:08:59] INFO | Token stored at: /home/keyhelp/www/.well-known/acme-challenge/local-check-6410fe8b460199.02676695
[15-Mar-2023 00:08:59] INFO | Local resolving checks of domains successfully completed.
[15-Mar-2023 00:08:59] INFO | Requesting challenges for domain "www.hledambyt-bilina.cz".
[15-Mar-2023 00:08:59] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/acme/new-order".
[15-Mar-2023 00:09:00] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 0895297417".
[15-Mar-2023 00:09:00] INFO | Start authorization process for "www.hledambyt-bilina.cz".
[15-Mar-2023 00:09:00] INFO | Deploy challenge.
[15-Mar-2023 00:09:00] INFO | Token stored at: /home/keyhelp/www/.well-known/acme-challenge/FQMdVcGFVow17_jt4xHeLvl7oG4nQOZqzNIuZLBNaXc
[15-Mar-2023 00:09:00] INFO | Notify CA that the challenge is ready.
[15-Mar-2023 00:09:00] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:00] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:01] INFO | Waiting for verification...
[15-Mar-2023 00:09:03] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:03] INFO | Waiting for verification...
[15-Mar-2023 00:09:05] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:05] INFO | Waiting for verification...
[15-Mar-2023 00:09:07] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:07] INFO | Waiting for verification...
[15-Mar-2023 00:09:09] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:10] INFO | Waiting for verification...
[15-Mar-2023 00:09:12] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:12] INFO | Waiting for verification...
[15-Mar-2023 00:09:14] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:14] INFO | Waiting for verification...
[15-Mar-2023 00:09:16] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:16] INFO | Waiting for verification...
[15-Mar-2023 00:09:18] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:18] INFO | Waiting for verification...
[15-Mar-2023 00:09:20] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:21] INFO | Waiting for verification...
[15-Mar-2023 00:09:23] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:23] INFO | Waiting for verification...
[15-Mar-2023 00:09:25] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:25] ERROR | a Let's Encrypt error occurred: Verification ended with an error.
Details: x.x.x.x: Fetching https://www.hledambyt-bilina.cz/.well-k ... NIuZLBNaXc: Timeout during connect (likely firewall problem)
Type: urn:ietf:params:acme:error:connection
=========================================================
SSL Stoped auto renew [SOLVED]
-
- Posts: 44
- Joined: Sun 28. Apr 2019, 13:59
SSL Stoped auto renew
Last edited by Nikitaidis on Thu 16. Mar 2023, 23:57, edited 1 time in total.
Re: SSL Stoped auto renew
Hi,
it seems that Let'sEncrypt can't reach your server:
Let'sEncrypt can't open https://www.hledambyt-bilina.cz/.well-k ... NIuZLBNaXc. My test with ipv4 the URL is reachable and that's good.
Maybe you blocked LE in your firewall or you have something missconfigured and fail2ban block it.
Bye Arne
it seems that Let'sEncrypt can't reach your server:
Code: Select all
Timeout during connect (likely firewall problem)
Maybe you blocked LE in your firewall or you have something missconfigured and fail2ban block it.
Bye Arne
Re: SSL Stoped auto renew
Nikitaidis, read this post, may help with testing and solving...
viewtopic.php?p=39952#p39952
I needed to disable any HTTPS redirects in apache to make it work again.
viewtopic.php?p=39952#p39952
I needed to disable any HTTPS redirects in apache to make it work again.
-
- Posts: 44
- Joined: Sun 28. Apr 2019, 13:59
Re: SSL Stoped auto renew
Thank you for your answer...george wrote: ↑Thu 16. Mar 2023, 00:11 Nikitaidis, read this post, may help with testing and solving...
viewtopic.php?p=39952#p39952
I needed to disable any HTTPS redirects in apache to make it work again.
i add it (#) in /etc/apache2/keyhelp/keyhelp.conf
# Redirect / https://host.domain.com/
===========
Last edited by Nikitaidis on Sat 18. Mar 2023, 00:37, edited 2 times in total.
Re: SSL Stoped auto renew
www.hledambyt-bilina.cz/hledambyt-bilina.cz haven't actually a DNS. Yesterday it have.
If you have the problem frequently, SSL cannot work.
Greeting Arne
If you have the problem frequently, SSL cannot work.
Greeting Arne
-
- Posts: 44
- Joined: Sun 28. Apr 2019, 13:59
Re: SSL Stoped auto renew
Thank you Anne for your answer.ShortSnow wrote: ↑Fri 17. Mar 2023, 01:20 www.hledambyt-bilina.cz/hledambyt-bilina.cz haven't actually a DNS. Yesterday it have.
If you have the problem frequently, SSL cannot work.
Greeting Arne
yes i know it but i have many other domains..
- also firewall its loaded to default rules ...
=====================
Last edited by Nikitaidis on Sat 18. Mar 2023, 00:36, edited 1 time in total.
Re: SSL Stoped auto renew [SOLVED]
Hello,
your IPv6 address is not reachable, thats why LE cannot reach the server.
your IPv6 address is not reachable, thats why LE cannot reach the server.
Mit freundlichen Grüßen / Best regards
Florian Cheno
**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************
Florian Cheno
**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************