Let's Encrypt expired

Discussions about the usage of KeyHelp.
Post Reply
kolartzsiger
Posts: 2
Joined: Tue 2. Aug 2022, 15:02

Let's Encrypt expired

Post by kolartzsiger »

Hi,

My website told my SSL is expired few days ago. I am using Let's Encrypt, but it should have had to renew automaticly.

I tried everything, but the browser always says your browsing is not safe and i can't renew the SSL.

Any idea?

Website : www.tenerife-utazom.hu
User avatar
mhagge
Community Moderator
Posts: 487
Joined: Wed 8. Aug 2018, 15:19

Re: Let's Encrypt expired

Post by mhagge »

I have moved your post to the english subforum
User avatar
Alexander
Keyweb AG
Posts: 3810
Joined: Wed 20. Jan 2016, 02:23

Re: Let's Encrypt expired

Post by Alexander »

Hello,

with the expired notification, you also received the reason why the Lets Encrypt certificate could not be renewed - post this here.

Alternative, have a look into the ssl-maintenance.log (KeyHelp admin area -> System status -> Protocols) and post this here.
Mit freundlichen Grüßen / Best regards
Alexander Mahr

**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************
kolartzsiger
Posts: 2
Joined: Tue 2. Aug 2022, 15:02

Re: Let's Encrypt expired

Post by kolartzsiger »

Hello!

Thanks for your answer!

I checked the log file (it says timeout and firewall problem, but i did not changed any firewall settings) and here is the log:

[04-Aug-2022 00:01:28] ERROR --> a Let's Encrypt error occurred: Verification ended with an error.
Details: 116.202.8.52: Fetching https://tenerife-utazom.hu/.well-known/ ... Au8-h6m0FQ: Timeout during connect (likely firewall problem)
Type: urn:ietf:params:acme:error:connection
Full response: {"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:connection","detail":"116.202.8.52: Fetching https:\/\/tenerife-utazom.hu\/.well-known\/acme-challenge\/a-JpjUO2s2iNYfq4RwjCOxQj-MvrfLLuKAu8-h6m0FQ: Timeout during connect (likely firewall problem)","status":400},"url":"https:\/\/acme-v02.api.letsencrypt.org\/acme\/chall-v3\/138000039096\/HMpzJw","token":"a-JpjUO2s2iNYfq4RwjCOxQj-MvrfLLuKAu8-h6m0FQ","validationRecord":[{"url":"http:\/\/tenerife-utazom.hu\/.well-known\/acme-challenge\/a-JpjUO2s2iNYfq4RwjCOxQj-MvrfLLuKAu8-h6m0FQ","hostname":"tenerife-utazom.hu","port":"80","addressesResolved":["116.202.8.52","2a01:4f8:c010:1152::2"],"addressUsed":"2a01:4f8:c010:1152::2"},{"url":"http:\/\/tenerife-utazom.hu\/.well-known\/acme-challenge\/a-JpjUO2s2iNYfq4RwjCOxQj-MvrfLLuKAu8-h6m0FQ","hostname":"tenerife-utazom.hu","port":"80","addressesResolved":["116.202.8.52","2a01:4f8:c010:1152::2"],"addressUsed":"116.202.8.52"},{"url":"https:\/\/tenerife-utazom.hu\/.well-known\/acme-challenge\/a-JpjUO2s2iNYfq4RwjCOxQj-MvrfLLuKAu8-h6m0FQ","hostname":"tenerife-utazom.hu","port":"443","addressesResolved":["116.202.8.52","2a01:4f8:c010:1152::2"],"addressUsed":"2a01:4f8:c010:1152::2"}],"validated":"2022-08-03T22:01:05Z"}
[04-Aug-2022 00:01:28] INFO --> check domain "www.tenerife-utazom.hu'
[04-Aug-2022 00:01:28] INFO --> certificate is valid until 2022-07-22 16:41:39 (0 days left)
[04-Aug-2022 00:01:28] INFO --> certificate is in renewal period
[04-Aug-2022 00:01:28] INFO --> renew cert
[04-Aug-2022 00:01:28] INFO --> Using certificate authority: "https://acme-v02.api.letsencrypt.org/" (LIVE).
[04-Aug-2022 00:01:28] INFO --> Getting endpoint URLs.
[04-Aug-2022 00:01:29] INFO --> Account "admin" already registered. Continue.
[04-Aug-2022 00:01:29] INFO --> Requesting Key ID.
[04-Aug-2022 00:01:29] INFO --> Sending signed request to "https://acme-v02.api.letsencrypt.org/acme/new-acct".
[04-Aug-2022 00:01:30] INFO --> Start certificate generation.
[04-Aug-2022 00:01:30] INFO --> Delete old token "/home/keyhelp/www/.well-known/acme-challenge/phSaPnnOvz2n26Kjyjus2TT8_QVDdY6kj0XV_TORjCw".
[04-Aug-2022 00:01:30] INFO --> Token stored at: /home/keyhelp/www/.well-known/acme-challenge/local-check-62eaf03a113109.36436718
[04-Aug-2022 00:01:30] INFO --> Local resolving checks of domains successfully completed.
[04-Aug-2022 00:01:30] INFO --> Requesting challenges for domain "www.tenerife-utazom.hu".
[04-Aug-2022 00:01:30] INFO --> Sending signed request to "https://acme-v02.api.letsencrypt.org/acme/new-order".
[04-Aug-2022 00:01:31] INFO --> Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 8000189956".
[04-Aug-2022 00:01:31] INFO --> Start authorization process for "www.tenerife-utazom.hu".
[04-Aug-2022 00:01:31] INFO --> Deploy challenge.
[04-Aug-2022 00:01:31] INFO --> Token stored at: /home/keyhelp/www/.well-known/acme-challenge/QE-STk5KsZ03W_JWqxLq8PVm3QWN3L4JLqp5Es3p0po
[04-Aug-2022 00:01:32] INFO --> Notify CA that the challenge is ready.
[04-Aug-2022 00:01:32] INFO --> Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 956/_JvqLg".
[04-Aug-2022 00:01:32] INFO --> Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 956/_JvqLg".
[04-Aug-2022 00:01:33] INFO --> Waiting for verification...
[04-Aug-2022 00:01:35] INFO --> Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 956/_JvqLg".
[04-Aug-2022 00:01:35] INFO --> Waiting for verification...
[04-Aug-2022 00:01:37] INFO --> Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 956/_JvqLg".
[04-Aug-2022 00:01:38] INFO --> Waiting for verification...
[04-Aug-2022 00:01:40] INFO --> Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 956/_JvqLg".
[04-Aug-2022 00:01:40] INFO --> Waiting for verification...
[04-Aug-2022 00:01:42] INFO --> Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 956/_JvqLg".
[04-Aug-2022 00:01:43] INFO --> Waiting for verification...
[04-Aug-2022 00:01:45] INFO --> Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 956/_JvqLg".
[04-Aug-2022 00:01:45] INFO --> Waiting for verification...
[04-Aug-2022 00:01:47] INFO --> Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 956/_JvqLg".
[04-Aug-2022 00:01:48] INFO --> Waiting for verification...
[04-Aug-2022 00:01:50] INFO --> Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 956/_JvqLg".
[04-Aug-2022 00:01:50] INFO --> Waiting for verification...
[04-Aug-2022 00:01:52] INFO --> Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 956/_JvqLg".
[04-Aug-2022 00:01:53] INFO --> Waiting for verification...
[04-Aug-2022 00:01:55] INFO --> Sending signed request to "https://acme-v02.api.letsencrypt.org/ac ... 956/_JvqLg".
[04-Aug-2022 00:01:55] ERROR --> a Let's Encrypt error occurred: Verification ended with an error.
Details: 116.202.8.52: Fetching https://www.tenerife-utazom.hu/.well-kn ... qp5Es3p0po: Timeout during connect (likely firewall problem)
Type: urn:ietf:params:acme:error:connection
Full response: {"type":"http-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:connection","detail":"116.202.8.52: Fetching https:\/\/www.tenerife-utazom.hu\/.well-known\/acme-challenge\/QE-STk5KsZ03W_JWqxVm3QWN3L4JLqp5Es3p0po: Timeout during connect (likely firewall problem)","status":400},"url":"https:\/\/acme-v02.api.letsencrypt.org\/acme\/chall-v3\/138000189956\/_JvqLg","token":"QE-STk5KsZ03W_JWqxLq8PVm3L4JLqp5Es3p0po","validationRecord":[{"url":"http:\/\/www.tenerife-utazom.hu\/.well-known\/acme-challenge\/QE-STk5KsZ03W_JWqxLq8PVmL4JLqp5Es3p0po","hostname":"www.tenerife-utazom.hu","port":"80","addressesResolved":["116.202.8.52","2a01:4f8:c010:1152::2"],"addressUsed":"2a01:4f8:c010:1152::2"},{"url":"http:\/\/www.tenerife-utazom.hu\/.well-known\/acme-challenge\/QE-STk5KsZ03W_JWqxLVm3QWN3L4JLqp5Es3p0po","hostname":"www.tenerife-utazom.hu","port":"80","addressesResolved":["116.202.8.52","2a01:4f8:c010:1152::2"],"addressUsed":"116.202.8.52"},{"url":"https:\/\/www.tenerife-utazom.hu\/.well-known\/acme-challenge\/QE-STk5KsZ03W_Jq8PVm3QWN3L4JLqp5Es3p0po","hostname":"www.tenerife-utazom.hu","port":"443","addressesResolved":["116.202.8.52","2a01:4f8:c010:1152::2"],"addressUsed":"2a01:4f8:c010:1152::2"}],"validated":"2022-08-03T22:01:32Z"}
User avatar
Alexander
Keyweb AG
Posts: 3810
Joined: Wed 20. Jan 2016, 02:23

Re: Let's Encrypt expired

Post by Alexander »

Hello,

The Let's Encrypt servers can not reach your server to verify your request. This URL is not reachable by them:

https://tenerife-utazom.hu/.well-known/ ... Au8-h6m0FQ

As it is stated, "likely firewall problem".
Mit freundlichen Grüßen / Best regards
Alexander Mahr

**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************
Post Reply