[ale] let's encrypt cert renewals?
Derek Atkins
derek at ihtfp.com
Wed May 10 21:09:23 EDT 2017
The "failed to connect" seems pretty straightforward. Are you sure your Apache logs show they are connecting? I would still bet on firewall issues.
-derek
Sent from my mobile. Please excuse any typos.
----- Reply message -----
From: "James Sumners" <james.sumners at gmail.com>
To: "Atlanta Linux Enthusiasts" <ale at ale.org>
Subject: [ale] let's encrypt cert renewals?
Date: Wed, May 10, 2017 8:42 PM
I have no issues using https://github.com/hlandau/acme
On Wed, May 10, 2017 at 8:40 PM, DJ-Pfulio <DJPfulio at jdpfu.com> wrote:
Anyone else having trouble renewing let's encrypt certs?
Apache2 on Ubuntu 16.04.
Failing tls-sni-01 challenge.
I have 2 sites on the same machine. Both have renewed 3 times without
issues. Today, they both failed. The script that always worked before:
#!/bin/sh
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
/usr/bin/letsencrypt renew
I've been through the log file(s). Not anything useful, just:
FailedChallenges: Failed authorization procedure. site.domain.com
(tls-sni-01): urn:acme:error:connection :: The server could not connect
to the client to verify the domain :: Failed to connect to
50.xx.xx.xx:443 for tls-sni-01 challenge
DNS is correct.
Site is up on 443, but not on 80.
I opened the site to everyone. Normally, only allow a few specific subnets.
Ideas?
_______________________________________________
Ale mailing list
Ale at ale.org
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
--
James Sumners
http://james.sumners.info/ (technical profile)
http://jrfom.com/ (personal site)
http://haplo.bandcamp.com/ (music)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20170510/44a8dca9/attachment.html>
More information about the Ale
mailing list