    Error generating Certificate with Lets Encrypt

    • scottalanmiller @harshmehta

      @harshmehta the site cannot be reached. If we can't reach it normally, LetsEncrypt definitely cannot reach it to issue a cert. Make sure that the site is working first, you can't get the cert until you are to that point.

      • dbeato @Dashrender

        @harshmehta said in Error generating Certificate with Lets Encrypt:

        Hi All,

        When I am trying to generate a certificate for my fqdn domain name I am unable to do so, looks like a bug to me but not really sure

        Any help on this would be really great

        Please find below the error for same

        Waiting for verification...
        Cleaning up challenges
        Failed authorization procedure. gitlab.binex.cc (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://gitlab.binex.cc/.well-known/acme-challenge/xZk9yy56AiTn1bmyTC4GZZW0GAja5qiKwqem4ejVbjQ: Timeout during connect (likely firewall problem)

        IMPORTANT NOTES:

        • The following errors were reported by the server:

          Domain: gitlab.binex.cc
          Type: connection
          Detail: Fetching
          http://gitlab.binex.cc/.well-known/acme-challenge/xZk9yy56AiTn1bmyTC4GZZW0GAja5qiKwqem4ejVbjQ:
          Timeout during connect (likely firewall problem)

          To fix these errors, please make sure that your domain name was
          entered correctly and the DNS A/AAAA record(s) for that domain
          contain(s) the right IP address. Additionally, please check that
          your computer has a publicly routable IP address and that no
          firewalls are preventing the server from communicating with the
          client. If you're using the webroot plugin, you should also verify
          that you are serving files from the webroot path you provided.
          root@gitlab:/var/opt/gitlab/nginx/www/.well-known/acme-challenge#

        @dbeato said in Error generating Certificate with Lets Encrypt:

        Basically your Gitlab Server doesn't have port 80 open so Let's Encrypt cannot validate it. What ports are you allowing through your firewall right now?

        @Dashrender said in Error generating Certificate with Lets Encrypt:

        This is my problem with my FreePBX. port 80 isn't open to the world, so it won't auto-renew.

        @scottalanmiller said in Error generating Certificate with Lets Encrypt:

        You could open it.

        @Dashrender said in Error generating Certificate with Lets Encrypt:

        I do, manually then update then close it.
        I need to find out how to fix it right.

        Why not have the firewall in the server open port 80 at the script start and close it after the script ends?

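The approach dbeato suggests above, opening port 80 on the host firewall only while the renewal runs, as an added example that is not part of the original thread. It assumes firewalld and `certbot renew` (both overridable through the environment) and uses a trap so the port is closed again even when the renewal fails or is interrupted.

```shell
#!/bin/sh
# Added example, not from the thread: open port 80 only for the duration of an
# ACME http-01 renewal and close it again however the renewal ends.
#
# Assumptions (override via environment): the host firewall is firewalld and
# the renewal command is "certbot renew". Without --permanent, firewall-cmd
# changes only the runtime rules, so a reload or reboot also drops the opening.
OPEN_CMD=${OPEN_CMD:-"firewall-cmd --add-port=80/tcp"}
CLOSE_CMD=${CLOSE_CMD:-"firewall-cmd --remove-port=80/tcp"}
RENEW_CMD=${RENEW_CMD:-"certbot renew"}

# Exit status: that of RENEW_CMD, or 2 if the port could not be opened
# (in which case the renewal is not attempted).
renew_with_port_80() {
    # Subshell: the traps and the exit calls below stay local to this call.
    (
        port_opened=0

        close_port() {
            if [ "$port_opened" -eq 1 ]; then
                port_opened=0
                $CLOSE_CMD || echo "WARNING: port 80 may still be open" >&2
            fi
        }

        # EXIT covers normal completion and failure; INT/TERM are turned into
        # an exit so the EXIT trap also runs when the job is interrupted.
        trap close_port EXIT
        trap 'exit 130' INT TERM

        if ! $OPEN_CMD; then
            echo "could not open port 80, renewal skipped" >&2
            exit 2
        fi
        port_opened=1

        $RENEW_CMD
        exit $?
    )
}

# Run the renewal only when asked to, so the file can also be sourced.
if [ "${1:-}" = "--run" ]; then
    renew_with_port_80
fi
```

Run it from cron or a systemd timer with `--run`; a non-zero exit status means the certificate was not renewed, and the warning on stderr means the firewall state needs checking by hand.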
        • JaredBusch @dbeato

          @dbeato said in Error generating Certificate with Lets Encrypt:

          Why not have the firewall in the server open port 80 at the script start and close it after the script ends?

          It is not the PBX firewall. It is his router.

          • dbeato @JaredBusch

            @JaredBusch said in Error generating Certificate with Lets Encrypt:

            It is not the PBX firewall. It is his router.

            Oh I see, makes sense now...

            • wirestyle22 @Dashrender

              @Dashrender said in Error generating Certificate with Lets Encrypt:

              I do, manually then update then close it.
              I need to find out how to fix it right.

              I thought you were going to use dns to renew. Did that not work?

              • JaredBusch @wirestyle22

                @wirestyle22 said in Error generating Certificate with Lets Encrypt:

                I thought you were going to use dns to renew. Did that not work?

                Not with FreePBX you are not.

                • dbeato

                  There is a feature request for FreePBX but not implemented yet
                  https://issues.freepbx.org/browse/FREEPBX-17843

                  • Dashrender @JaredBusch

                    @JaredBusch said in Error generating Certificate with Lets Encrypt:

                    It is not the PBX firewall. It is his router.

                    what? This is hosted by Vultr - I have no router in place.

                    • JaredBusch @Dashrender

                      @Dashrender said in Error generating Certificate with Lets Encrypt:

                      what? This is hosted by Vultr - I have no router in place.

                      Ah was thinking of someone else

                      • Dashrender @JaredBusch

                        @JaredBusch said in Error generating Certificate with Lets Encrypt:

                        Ah was thinking of someone else

                        LOL - must have been - you were there when I built this one.

                        • JaredBusch @Dashrender

                          @Dashrender said in Error generating Certificate with Lets Encrypt:

                          LOL - must have been - you were there when I built this one.

                          Is your system fully updated? Because I haven’t had any issues with cert renewals for a year now.

                          DashrenderD 1 Reply Last reply Reply Quote 1
                          • DashrenderD
                            Dashrender @JaredBusch
                            last edited by

                            @harshmehta said in Error generating Certificate with Lets Encrypt:

                            Hi All,

                            When I am trying to generate a certificate for my FQDN domain name I am unable to do so, looks like a bug to me but not really sure

                            Any help on this would be really great

                            Please find below the error for same

                            Waiting for verification...
                            Cleaning up challenges
                            Failed authorization procedure. gitlab.binex.cc (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://gitlab.binex.cc/.well-known/acme-challenge/xZk9yy56AiTn1bmyTC4GZZW0GAja5qiKwqem4ejVbjQ: Timeout during connect (likely firewall problem)

                            IMPORTANT NOTES:

                            • The following errors were reported by the server:

                              Domain: gitlab.binex.cc
                              Type: connection
                              Detail: Fetching
                              http://gitlab.binex.cc/.well-known/acme-challenge/xZk9yy56AiTn1bmyTC4GZZW0GAja5qiKwqem4ejVbjQ:
                              Timeout during connect (likely firewall problem)

                              To fix these errors, please make sure that your domain name was
                              entered correctly and the DNS A/AAAA record(s) for that domain
                              contain(s) the right IP address. Additionally, please check that
                              your computer has a publicly routable IP address and that no
                              firewalls are preventing the server from communicating with the
                              client. If you're using the webroot plugin, you should also verify
                              that you are serving files from the webroot path you provided.
                              root@gitlab:/var/opt/gitlab/nginx/www/.well-known/acme-challenge#

                            @dbeato said in Error generating Certificate with Lets Encrypt:

                            Basically your GitLab Server doesn't have port 80 open so Let's Encrypt cannot validate it. What ports are you allowing through your firewall right now?

                            @Dashrender said in Error generating Certificate with Lets Encrypt:

                            This is my problem with my FreePBX. Port 80 isn't open to the world, so it won't auto-renew.

                            @scottalanmiller said in Error generating Certificate with Lets Encrypt:

                            You could open it.

                            @Dashrender said in Error generating Certificate with Lets Encrypt:

                            I do, manually then update then close it.
                            I need to find out how to fix it right.

                            @dbeato said in Error generating Certificate with Lets Encrypt:

                            Why not have the firewall in the server open port 80 at the script start and close it after the script ends?

                            @JaredBusch said in Error generating Certificate with Lets Encrypt:

                            It is not the PBX firewall. It is his router.

                            @Dashrender said in Error generating Certificate with Lets Encrypt:

                            What? This is hosted by Vultr - I have no router in place.

                            @JaredBusch said in Error generating Certificate with Lets Encrypt:

                            Ah, was thinking of someone else

                            @Dashrender said in Error generating Certificate with Lets Encrypt:

                            LOL - must have been - you were there when I built this one.

                            @JaredBusch said in Error generating Certificate with Lets Encrypt:

                            Is your system fully updated? Because I haven’t had any issues with cert renewals for a year now.

                            I haven't done what I think are called firmware updates in over 6 months.

                            • JaredBusch @Dashrender


                              Still on 13? Because FreePBX 14 no longer has them.

                              • scottalanmiller @JaredBusch


                                Yeah, I've not done one in a long time.

                                • Dashrender

                                  I'm on
                                  FreePBX 14.0.5.2 (this is probably a bit behind)
                                  Asterisk 13.19.1 (also behind)

                                  • JaredBusch @Dashrender


                                    Run your yum update and then fwconsole ma upgradeall and fwconsole reload

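
The idea raised in the thread, opening port 80 only while the renewal script runs and closing it afterwards, sketched as an added example that is not any poster's own script. It assumes iptables is the host firewall and that `certbot renew` is the renewal command; `FW_DRY_RUN`, `RENEW_CMD` and the function names are made up for this example.

```shell
#!/bin/sh
# Added example, not from the thread: keep TCP/80 open only while an http-01
# renewal runs, and close it again however the renewal ends.
# Assumptions: iptables is the host firewall; RENEW_CMD renews the certificate.

FW_DRY_RUN="${FW_DRY_RUN:-1}"             # 1 = print iptables calls, 0 = run them
RENEW_CMD="${RENEW_CMD:-certbot renew}"   # assumed renewal command
RULE="INPUT -p tcp --dport 80 -j ACCEPT"  # the temporary allow rule

# Run one iptables call, or only print it in dry-run mode.
fw() {
    if [ "$FW_DRY_RUN" = "1" ]; then
        echo "iptables $*"
    else
        iptables "$@"
    fi
}

# $RULE is left unquoted on purpose so it splits into separate arguments.
open_port80()  { fw -I $RULE; }
close_port80() { fw -D $RULE; }

# The body is a subshell, so the EXIT trap fires when it ends for any reason
# (success, failed renewal, Ctrl-C) and the rule is always removed.
# The function returns the renewal command's exit status.
renew_with_port80() (
    trap close_port80 EXIT
    trap 'exit 130' INT TERM
    open_port80 || exit 1
    sh -c "$RENEW_CMD"; status=$?
    exit "$status"
)

# Usage: FW_DRY_RUN=0 ./renew80.sh run
if [ "${1:-}" = "run" ]; then
    renew_with_port80
fi
```

With `FW_DRY_RUN=1` (the default here) only the two iptables calls are printed, so the open/close pairing can be reviewed before the script touches the live ruleset.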