SSL Stoped auto renew [SOLVED]
-
- Posts: 44
- Joined: Sun 28. Apr 2019, 13:59
SSL Stoped auto renew
All SSL Stoped renew 'all SSL expired' for all domains under all users.
----------------------------------------------------
Full response: {"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:connection","detail":"x.x.x.x: Fetching https:\/\/hledambyt-bilina.cz\/.well-known\/acme-challenge\/xxorTIHiTidXMf1lYhwV0m1KT8-obVxVqAL1Dgbf13I: Timeout during connect (likely firewall problem)","status":400},"url":"https:\/\/acme-v02.api.letsencrypt.org\/acme\/chall-v3\/210895207117\/-NQ18Q","token":"xxorTIHiTidXMf1lYhwV0m1KT8-obVxVqAL1Dgbf13I","validationRecord":[{"url":"http:\/\/hledambyt-bilina.cz\/.well-known\/acme-challenge\/xxorTIHiTidXMf1lYhwV0m1KT8-obVxVqAL1Dgbf13I","hostname":"hledambyt-bilina.cz","port":"80","addressesResolved":["x.x.x.x","2605:a1426322::1"],"addressUsed":"2605:a1426322::1"},{"url":"http:\/\/hledambyt-bilina.cz\/.well-known\/acme-challenge\/xxorTIHiTidXMf1lYhwV0m1KT8-obVxVqAL1Dgbf13I","hostname":"hledambyt-bilina.cz","port":"80","addressesResolved":["x.x.x.x","2605:a1426322::1"],"addressUsed":"x.x.x.x"},{"url":"https:\/\/hledambyt-bilina.cz\/.well-known\/acme-challenge\/xxorTIHiTidXMf1lYhwV0m1KT8-obVxVqAL1Dgbf13I","hostname":"hledambyt-bilina.cz","port":"443","addressesResolved":["154.53.32.10","2605:a1426322::1"],"addressUsed":"2605:a1426322::1"}],"validated":"2023-03-14T23:08:34Z"}
[15-Mar-2023 00:08:58] INFO | check domain "www.hledambyt-bilina.cz'
[15-Mar-2023 00:08:58] INFO | certificate is valid until 2023-02-28 21:17:29 (0 days left)
[15-Mar-2023 00:08:58] INFO | certificate is in renewal period
[15-Mar-2023 00:08:58] INFO | renew cert
[15-Mar-2023 00:08:58] INFO | Using certificate authority: "https://acme-v02.api.letsencrypt.org/" (PRODUCTION).
[15-Mar-2023 00:08:58] INFO | Getting endpoint URLs.
[15-Mar-2023 00:08:58] INFO | Account "bonvulux" already registered. Continue.
[15-Mar-2023 00:08:58] INFO | Requesting Key ID.
[15-Mar-2023 00:08:58] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/acme/new-acct".
[15-Mar-2023 00:08:59] INFO | Start certificate generation.
[15-Mar-2023 00:08:59] INFO | Delete old token "/home/keyhelp/www/.well-known/acme-challenge/6qy47TWGCaIlJIfhAz6cydgY0Mh0ckChzMt12x9m4L4".
[15-Mar-2023 00:08:59] INFO | Token stored at: /home/keyhelp/www/.well-known/acme-challenge/local-check-6410fe8b460199.02676695
[15-Mar-2023 00:08:59] INFO | Local resolving checks of domains successfully completed.
[15-Mar-2023 00:08:59] INFO | Requesting challenges for domain "www.hledambyt-bilina.cz".
[15-Mar-2023 00:08:59] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/acme/new-order".
[15-Mar-2023 00:09:00] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 0895297417".
[15-Mar-2023 00:09:00] INFO | Start authorization process for "www.hledambyt-bilina.cz".
[15-Mar-2023 00:09:00] INFO | Deploy challenge.
[15-Mar-2023 00:09:00] INFO | Token stored at: /home/keyhelp/www/.well-known/acme-challenge/FQMdVcGFVow17_jt4xHeLvl7oG4nQOZqzNIuZLBNaXc
[15-Mar-2023 00:09:00] INFO | Notify CA that the challenge is ready.
[15-Mar-2023 00:09:00] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:00] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:01] INFO | Waiting for verification...
[15-Mar-2023 00:09:03] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:03] INFO | Waiting for verification...
[15-Mar-2023 00:09:05] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:05] INFO | Waiting for verification...
[15-Mar-2023 00:09:07] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:07] INFO | Waiting for verification...
[15-Mar-2023 00:09:09] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:10] INFO | Waiting for verification...
[15-Mar-2023 00:09:12] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:12] INFO | Waiting for verification...
[15-Mar-2023 00:09:14] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:14] INFO | Waiting for verification...
[15-Mar-2023 00:09:16] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:16] INFO | Waiting for verification...
[15-Mar-2023 00:09:18] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:18] INFO | Waiting for verification...
[15-Mar-2023 00:09:20] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:21] INFO | Waiting for verification...
[15-Mar-2023 00:09:23] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:23] INFO | Waiting for verification...
[15-Mar-2023 00:09:25] INFO | Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 417/zaaYzQ".
[15-Mar-2023 00:09:25] ERROR | a Let's Encrypt error occurred: Verification ended with an error.
Details: x.x.x.x: Fetching https://www.hledambyt-bilina.cz/.well-k ... NIuZLBNaXc: Timeout during connect (likely firewall problem)
Type: urn:ietf:params:acme:error:connection
=========================================================
Re: SSL Stoped auto renew
it seems that Let'sEncrypt can't reach your server:
Code: Select all
Timeout during connect (likely firewall problem)
Maybe you blocked LE in your firewall or you have something missconfigured and fail2ban block it.
Bye Arne
Re: SSL Stoped auto renew
viewtopic.php?p=39952#p39952
I needed to disable any HTTPS redirects in apache to make it work again.
-
- Posts: 44
- Joined: Sun 28. Apr 2019, 13:59
Re: SSL Stoped auto renew
Thank you for your answer...george wrote: ↑Thu 16. Mar 2023, 00:11 Nikitaidis, read this post, may help with testing and solving...
viewtopic.php?p=39952#p39952
I needed to disable any HTTPS redirects in apache to make it work again.
i add it (#) in /etc/apache2/keyhelp/keyhelp.conf
# Redirect / https://host.domain.com/
===========
Re: SSL Stoped auto renew
If you have the problem frequently, SSL cannot work.
Greeting Arne
-
- Posts: 44
- Joined: Sun 28. Apr 2019, 13:59
Re: SSL Stoped auto renew
Thank you Anne for your answer.ShortSnow wrote: ↑Fri 17. Mar 2023, 01:20 www.hledambyt-bilina.cz/hledambyt-bilina.cz haven't actually a DNS. Yesterday it have.
If you have the problem frequently, SSL cannot work.
Greeting Arne
yes i know it but i have many other domains..
- also firewall its loaded to default rules ...
=====================
Re: SSL Stoped auto renew [SOLVED]
your IPv6 address is not reachable, thats why LE cannot reach the server.
Florian Cheno
**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************