so i am unable to enable lets-encrypt with the build-in certbot in nextcloud snap.
I have tried to do this on certbot separately outside from nextcloud snap and it worked.
I have this installed on a raspberry pi 5 8GB. I have opened the ports to the ip adress of the raspberry.
the error looks like this:
ease enter your domain name(s) (space-separated): efficiency-inc.nl
Attempting to obtain certificates... error running certbot:
Saving debug log to /var/snap/nextcloud/current/certs/certbot/logs/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for efficiency-inc.nl
Using the webroot path /var/snap/nextcloud/current/certs/certbot for all unmatched domains.
Waiting for verification...
Challenge failed for domain efficiency-inc.nl
http-01 challenge for efficiency-inc.nl
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: efficiency-inc.nl
Type: connection
Detail: xxxxx: Fetching
http://efficiency-inc.nl/.well-known/acme-challenge/t55ftDICfJqfQqNLC189S2buDY2CO0-CspHvJ-a_gNs:
Connection refused
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
- Your account credentials have been saved in your Certbot
configuration directory at
/var/snap/nextcloud/current/certs/certbot/config. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
i had nextcloud installed before on a raspberry pi 4 with the same inputs and back then it worked normally.
to install lets-encrypt i used this command:
nextcloud.enable-https lets-encrypt
the logs looks like this:
2024-04-19 20:42:47,845:DEBUG:certbot.main:certbot version: 0.33.1
2024-04-19 20:42:47,846:DEBUG:certbot.main:Arguments: ['--text', '--config-dir', '/var/snap/nextcloud/current/certs/certbot/config', '--work-dir', '/var/snap/nextcloud/current/certs/certbot/work', '--logs-dir', '/var/snap/nextcloud/current/certs/certbot/logs', '--authenticator', 'webroot', '--webroot-path', '/var/snap/nextcloud/current/certs/certbot', '--rsa-key-size', '4096', '--email', 'xxxx@gmail.com', '--non-interactive', '--agree-tos', '--force-renewal', '-d', 'efficiency-inc.nl']
2024-04-19 20:42:47,846:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#nextcloud:webroot,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2024-04-19 20:42:47,858:DEBUG:certbot.log:Root logging level set at 20
2024-04-19 20:42:47,859:INFO:certbot.log:Saving debug log to /var/snap/nextcloud/current/certs/certbot/logs/letsencrypt.log
2024-04-19 20:42:47,860:DEBUG:certbot.plugins.selection:Requested authenticator webroot and installer None
2024-04-19 20:42:47,867:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0x7ffee82d35d0>
Prep: True
2024-04-19 20:42:47,867:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x7ffee82d35d0> and installer None
2024-04-19 20:42:47,868:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Installer None
2024-04-19 20:42:49,703:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2024-04-19 20:42:49,711:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2024-04-19 20:42:50,222:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 747
2024-04-19 20:42:50,223:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 19 Apr 2024 18:42:50 GMT
Content-Type: application/json
Content-Length: 747
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"46hy4yCGyeg": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [
"letsencrypt.org"
],
"termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf",
"website": "https://letsencrypt.org"
},
"newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
"newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
"newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
"renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-02/renewalInfo/",
"revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2024-04-19 20:42:50,224:DEBUG:acme.client:Requesting fresh nonce
2024-04-19 20:42:50,224:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2024-04-19 20:42:50,373:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2024-04-19 20:42:50,374:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 19 Apr 2024 18:42:50 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: Y89UXNyaPZBGK07IVx6ckDfTANOuQ0GObveR6Xgth2eyt2MRREk
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
2024-04-19 20:42:50,374:DEBUG:acme.client:Storing nonce: Y89UXNyaPZBGK07IVx6ckDfTANOuQ0GObveR6Xgth2eyt2MRREk
2024-04-19 20:42:50,374:DEBUG:acme.client:JWS payload:
{
"termsOfServiceAgreed": true,
"resource": "new-reg",
"contact": [
"mailto:xxxxx@gmail.com"
]
}
2024-04-19 20:42:50,408:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-acct:
{
"protected": "eyJub25jZSI6ICJZODlVWE55YVBaQkdLMDdJVng2Y2tEZlRBTk91UTBHT2J2ZVI2WGd0aDJleXQyTVJSRWsiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1hY2N0IiwgImp3ayI6IHsiZSI6ICJBUUFCIiwgImt0eSI6ICJSU0EiLCAibiI6ICJxd0MzLXJJRFIxOEpYOTktaUFPWVVHVjZoc0g2NTM0U0NmR3NsaGNNdUVBaG9RWHJZZDRuRGRENGFmMURFQ0FQRGJzWVZWTzN4dUtIMk1YT0RGZWZSOTA3djVCekU2bXQ3cGgwUVliTkQ2VUNrQmtiR2dHejlfVGxEb2R3aHhabWJJcjdoN0dOQzRvVFBwRjNqcTg2MEhZMVNLdzhzcGJvNDIzNnhHRkcxcjA5SVFqbTRHRmFhaTY1TkdQNXN6eHJFSFh5NFREV3BHRkJRMEo2VV9xTlpqeTRsRUJWSnpHR19SSmZSNmxhZHRuQ25xa0pOMGFkQnpTZUhfTHRmaGRMMTlUbU52N0kyN1RScmpOcmMyX0VFbmpUdW5pYmVod1dkQVRNWUZLZDdGS25nb0cwbVo1ejJfSkpnUzBEbUEzOGlkRUVael80dDl5cTRTSHJhRjJ3VnJCR0NVbWE3bnF0bEN2UlZkTmpiS0stQ0J2TFE1QVRwQzczMk5IWHI2eUNvdjFQa2lNcUJWNGkzRGttTl92N1BDX3BETWloRTM5TnVzTVktUmx1MVp4Y2swQlBWN2FYVTFNRk9sSDBVcFdlRVhIOEpRa3RXREtsb2piOVpBNlJGVzQzRmJGZE5oMUMyMVZsdUNNUXZKNUh0bjZZV3htQ2pXU2hmYkwxcXJiblhwazZNbjNoZVZjOU0yb3JQYlJyWUU5eTI0Q3RrR2JGdjVqTW1CaEdCQ0tGUlRfWXVVOWEtUkx0aW9sdWc1aUNTaFFsYkl1cmtmXzRCQ2IydUhWd2ZQQno1UFl2NjlRTFVhR081X3p1Mno5TTRrMU5tQ29qdjZSZDlrcmVSbF9kM2R2Q0ZsVm1fMUxucmdUZkYyeWNkUEtwTzNMRm84V3UxQ29CeHhhZWlrayJ9LCAiYWxnIjogIlJTMjU2In0",
"payload": "ewogICJ0ZXJtc09mU2VydmljZUFncmVlZCI6IHRydWUsIAogICJyZXNvdXJjZSI6ICJuZXctcmVnIiwgCiAgImNvbnRhY3QiOiBbCiAgICAibWFpbHRvOmF5dXNoYmFib2VyYW1wYW5kYXlAZ21haWwuY29tIgogIF0KfQ",
"signature": "i6fae5O8C58Eo_1HPk6v5SYBxQc1BwduuubHFt7Gryk7j435QLsYcUqP5XqUoRMcGW_1u6DMWvQbeZjHxAe9z-TDoqt1dZN6pOzFDp406h9c_ToxIMTfNLFUmzwD0OzXc-_AAAGX2pBT3CA13Ju4wBAUXHqdmcaYg0PNXCY_3-qOUdj8-kgf66dgn2yjYa9hrgl414YdfOa4O_jCXwitndaAhMa52lVAXZMoCcHMbHLd-nkRxbT-4paf_L-DPFRcYnKlQXvWQXk2HN9qN8IbxWjJoer1UEVEMXAoDUHU3ry2vQZbcljWbm1KdNe4sxgX-Mf5s7sKQ-4jO8OE2-U2MPnFwCyEMv_9AN-KYkmI2z6gB5mttHcMdcTW0YuKyOdrmv3cMMMs-BqDckgPF4UWux5yKDiNeVXCo0kWKM2O7o3m0f4whuqBocSgdlYzWbnUzCTgtijMdXlHQKfBQNTvnX7l0K-KApfsgfOB9xJ4uW80tmU5DzSiSeXzlTBx6beynq-tPfXTjj13gaaW7warXUvgGMhxbObWfL9hOahqH25VLHz5VRoNZqDEtI19Ee2leHqsdJF2MXie3-A7URdL8gRDZpuhS-3sJFSSgcp9huK1EHEmTcvWFCBK1sqJ1hyGc_0RUrRIIQyhOvt2U-NsTuaxhouAf_0-gL2dk8VTC54"
}
2024-04-19 20:42:50,620:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-acct HTTP/1.1" 201 936
2024-04-19 20:42:50,621:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Fri, 19 Apr 2024 18:42:50 GMT
Content-Type: application/json
Content-Length: 936
Connection: keep-alive
Boulder-Requester: 1682270317
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf>;rel="terms-of-service"
Location: https://acme-v02.api.letsencrypt.org/acme/acct/1682270317
Replay-Nonce: Y89UXNyaYnWuAeff81RHKKzgyuogjbpcZYymY4fO9zkkaWUyGtQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"key": {
"kty": "RSA",
"n": "qwC3-rIDR18JX99-iAOYUGV6hsH6534SCfGslhcMuEAhoQXrYd4nDdD4af1DECAPDbsYVVO3xuKH2MXODFefR907v5BzE6mt7ph0QYbND6UCkBkbGgGz9_TlDodwhxZmbIr7h7GNC4oTPpF3jq860HY1SKw8spbo4236xGFG1r09IQjm4GFaai65NGP5szxrEHXy4TDWpGFBQ0J6U_qNZjy4lEBVJzGG_RJfR6ladtnCnqkJN0adBzSeH_LtfhdL19TmNv7I27TRrjNrc2_EEnjTunibehwWdATMYFKd7FKngoG0mZ5z2_JJgS0DmA38idEEZz_4t9yq4SHraF2wVrBGCUma7nqtlCvRVdNjbKK-CBvLQ5ATpC732NHXr6yCov1PkiMqBV4i3DkmN_v7PC_pDMihE39NusMY-Rlu1Zxck0BPV7aXU1MFOlH0UpWeEXH8JQktWDKlojb9ZA6RFW43FbFdNh1C21VluCMQvJ5Htn6YWxmCjWShfbL1qrbnXpk6Mn3heVc9M2orPbRrYE9y24CtkGbFv5jMmBhGBCKFRT_YuU9a-RLtiolug5iCShQlbIurkf_4BCb2uHVwfPBz5PYv69QLUaGO5_zu2z9M4k1NmCojv6Rd9kreRl_d3dvCFlVm_1LnrgTfF2ycdPKpO3LFo8Wu1CoBxxaeikk",
"e": "AQAB"
},
"contact": [
"mailto:xxxxx@gmail.com"
],
"initialIp": "2001:1c02:2f15:c00:b56e:597d:e394:1ea",
"createdAt": "2024-04-19T18:42:50.53027973Z",
"status": "valid"
}
2024-04-19 20:42:50,621:DEBUG:acme.client:Storing nonce: Y89UXNyaYnWuAeff81RHKKzgyuogjbpcZYymY4fO9zkkaWUyGtQ
2024-04-19 20:42:50,625:DEBUG:certbot.reporter:Reporting to user: Your account credentials have been saved in your Certbot configuration directory at /var/snap/nextcloud/current/certs/certbot/config. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal.
2024-04-19 20:42:50,630:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(status=u'valid', terms_of_service_agreed=None, agreement=None, only_return_existing=None, contact=(u'mailto:xxxxx@gmail.com',), key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7ffee7f7b290>)>), external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/1682270317', new_authzr_uri=None, terms_of_service='https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf'), 74fd519bb115128c118566cf35da78f6, Meta(creation_host='nextcloud', creation_dt=datetime.datetime(2024, 4, 19, 18, 42, 50, tzinfo=<UTC>)))>
2024-04-19 20:42:50,631:INFO:certbot.main:Obtaining a new certificate
2024-04-19 20:42:56,221:DEBUG:certbot.crypto_util:Generating key (4096 bits): /var/snap/nextcloud/current/certs/certbot/config/keys/0000_key-certbot.pem
2024-04-19 20:42:56,251:DEBUG:certbot.crypto_util:Creating CSR: /var/snap/nextcloud/current/certs/certbot/config/csr/0000_csr-certbot.pem
2024-04-19 20:42:56,252:DEBUG:acme.client:JWS payload:
{
"identifiers": [
{
"type": "dns",
"value": "efficiency-inc.nl"
}
]
}
2024-04-19 20:42:56,278:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
"protected": "eyJub25jZSI6ICJZODlVWE55YVluV3VBZWZmODFSSEtLemd5dW9namJwY1pZeW1ZNGZPOXpra2FXVXlHdFEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjgyMjcwMzE3IiwgImFsZyI6ICJSUzI1NiJ9",
"payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwgCiAgICAgICJ2YWx1ZSI6ICJlZmZpY2llbmN5LWluYy5ubCIKICAgIH0KICBdCn0",
"signature": "RgzS3WAFo_vGNfk8bNKxJdkoMNmE-gXoIhV9neL9Bi6fXQk-9cLwg1uZCqVSTSiaEMAvTCgjdNkzkMsx4WzSlZVwjbyXgasflrvWYpVXne-MXK2mS6wgT4By98RgubvgNF5HUqXZbEoNQoRSMauKnBPlB-3hsU3WLUgJVZJLUmF-32y8CUS7lz9NFrHpLrfXtT4uIGMkyNE4tdjlJYWybEZiuEBm6Tu09cXY2DKz_Ta2A9DRJXLKr1oTGKBXcMDhIwoQeGMXSZyZ0t13DvxeT3rQuOGKetEF2huZ9R_7-6VjJl4Nb7OdZu5YsZpNAFnqSOyLYaJ2R7aVCC53dDYJHaVYcMUELOeJgAbOZGstR8JEdLlTiWim6BD3hpqGHzEDIYnxB04-IDiIAM_pt80LZJcM_6xXrH3VXU7LH7-z4MMVw0RBaXiXFRtzUpVKyaWqlnbLZ0urQFTRIFToHViUM8baD7A3jUf5R-rZEvv0Lm3KSLE0cnSn3UrwtlbKa50WRQUWkLZVjqNz8nqMx9iCyP8_0KwpvTz3xumnk4Z17x2HZM3gxfAozyu5_NBIGiF9Qh2En5NGOrd3fUx4Oj2QwiX6DSZeicy4BfhhMhCJ9Izd2VCqbeX8F37z54NiPvCXSGjLGohpEgN-5oC-8PBcjs1M4-zWcO4a_GJ4A6fpajc"
}
2024-04-19 20:42:56,602:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 343
2024-04-19 20:42:56,602:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Fri, 19 Apr 2024 18:42:56 GMT
Content-Type: application/json
Content-Length: 343
Connection: keep-alive
Boulder-Requester: 1682270317
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/1682270317/262353715977
Replay-Nonce: Y89UXNyake5Ci8SWBIQB89B2jfH7bKSThFlWeRzCkbNnP5QcAZ4
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"status": "pending",
"expires": "2024-04-26T18:42:56Z",
"identifiers": [
{
"type": "dns",
"value": "efficiency-inc.nl"
}
],
"authorizations": [
"https://acme-v02.api.letsencrypt.org/acme/authz-v3/340509632427"
],
"finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/1682270317/262353715977"
}
2024-04-19 20:42:56,603:DEBUG:acme.client:Storing nonce: Y89UXNyake5Ci8SWBIQB89B2jfH7bKSThFlWeRzCkbNnP5QcAZ4
2024-04-19 20:42:56,605:DEBUG:acme.client:JWS payload:
2024-04-19 20:42:56,630:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/340509632427:
{
"protected": "eyJub25jZSI6ICJZODlVWE55YWtlNUNpOFNXQklRQjg5QjJqZkg3YktTVGhGbFdlUnpDa2JOblA1UWNBWjQiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzM0MDUwOTYzMjQyNyIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjgyMjcwMzE3IiwgImFsZyI6ICJSUzI1NiJ9",
"payload": "",
"signature": "OGh0ditn0aMZeAz6vUwjCZgEGYjEKt84cvq7Lc3pHP8e6Rq6HaKs8hmLA8gs_eVjL2iVinYqosNDiqj4m02caT81SP85rgkEQL93hO-qRRJSEFVVYQKEzXG4YdJ29jGV4i6lKYjFDsvo3KXHmUvSonv3jP7J934z0ZJJ6BBwPGMZsIDCW5kZeo9DTX_eOVuvqrxmXbyPKl_9RU24EVsDgZiFGgofA_SSgQVK6Ot_mC2Y1EJBl3PxxNGZTKYbkFwVbFNDn8hbXb5eKEwiKv9-wlQZA63qeHrTIZ33au8J0F6bF4_ZgO8TH1x8lqpLQdBLlxN7H1l1UKfR6yCbS562rkqcG0jatHQZUXIVyJ0rxcvrBlsMEhylqFXPbXzDiwAHxFzCEBEtwD5rtVOpSMUlmYcbcO4C6rCLC_SX4hi5Dy936BwPYrE1BNAiTcI3nXFZTDupmCe1oUCFSy26DRO2NSdfFHgT65q_WCoHoun4h__7nWhXvZhJVVNRMxh9gVKOTb0wq1UKwWQVG7cSdjygndA0CT6fSkScuq32N-FD4tRdFPTBxrd3Siu4QV4LeqWS4JrH_PQPunWyJoLnpuNhyy58qHHxYnM65qRmuzN5DqOqO1QzUKloXogiUcYzWnjvxWfAcp4-vXyKHnGabhd6A60WXbMMKFK0GKRXL3_1sLE"
}
2024-04-19 20:42:56,779:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/340509632427 HTTP/1.1" 200 801
2024-04-19 20:42:56,779:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 19 Apr 2024 18:42:56 GMT
Content-Type: application/json
Content-Length: 801
Connection: keep-alive
Boulder-Requester: 1682270317
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: FUnC6kMpDdZdYP7ZgVtQxkVbNuw0nGUaXdr4OfO1IGUmVmIBalc
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "efficiency-inc.nl"
},
"status": "pending",
"expires": "2024-04-26T18:42:56Z",
"challenges": [
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/340509632427/5kqYyw",
"token": "t55ftDICfJqfQqNLC189S2buDY2CO0-CspHvJ-a_gNs"
},
{
"type": "dns-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/340509632427/ZsqagA",
"token": "t55ftDICfJqfQqNLC189S2buDY2CO0-CspHvJ-a_gNs"
},
{
"type": "tls-alpn-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/340509632427/e2qyEg",
"token": "t55ftDICfJqfQqNLC189S2buDY2CO0-CspHvJ-a_gNs"
}
]
}
2024-04-19 20:42:56,780:DEBUG:acme.client:Storing nonce: FUnC6kMpDdZdYP7ZgVtQxkVbNuw0nGUaXdr4OfO1IGUmVmIBalc
2024-04-19 20:42:56,780:INFO:certbot.auth_handler:Performing the following challenges:
2024-04-19 20:42:56,780:INFO:certbot.auth_handler:http-01 challenge for efficiency-inc.nl
2024-04-19 20:42:56,780:INFO:certbot.plugins.webroot:Using the webroot path /var/snap/nextcloud/current/certs/certbot for all unmatched domains.
2024-04-19 20:42:56,781:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /var/snap/nextcloud/current/certs/certbot/.well-known/acme-challenge
2024-04-19 20:42:56,790:DEBUG:certbot.plugins.webroot:Attempting to save validation to /var/snap/nextcloud/current/certs/certbot/.well-known/acme-challenge/t55ftDICfJqfQqNLC189S2buDY2CO0-CspHvJ-a_gNs
2024-04-19 20:42:56,791:INFO:certbot.auth_handler:Waiting for verification...
2024-04-19 20:42:56,791:DEBUG:acme.client:JWS payload:
{
"type": "http-01",
"resource": "challenge"
}
2024-04-19 20:42:56,817:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/340509632427/5kqYyw:
{
"protected": "eyJub25jZSI6ICJGVW5DNmtNcERkWmRZUDdaZ1Z0UXhrVmJOdXcwbkdVYVhkcjRPZk8xSUdVbVZtSUJhbGMiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2NoYWxsLXYzLzM0MDUwOTYzMjQyNy81a3FZeXciLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTY4MjI3MDMxNyIsICJhbGciOiAiUlMyNTYifQ",
"payload": "ewogICJ0eXBlIjogImh0dHAtMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9",
"signature": "AWADr9PJ0rIEE7EoLQ7ToBoKOZrvYfdPdf7FTfeFY7XYIQYu9TGK9m1Mk-TOTV_B5TE0HI8VrUVu73wg2Cfh8R8EyMgBoZqznJmspUhHVLaM3t-XXogD9zv1fcVb6quu7gBDpaxVdz3_ln9NrD4M4azrW_V-klRS_bAqiPR2GCSu-z4vV77rD6KbQ9O60QAXxEBDOdLAwAaY3KBLTtN5EC9tzX6559KK3SlBFE7M1K2WWdWaIP_g_XKnwWbJhukpwJfrBQwfbFfxS0-ZfkPeD3JJ7VKxJowaJ_fUfgXRVK5Ro-UsOHVwBN0Eh06lBCvZAmgg23E0HUFIgn9cK2SOnYu36cgHjOl-izlEpRZ51AqPSpIDSsvgJn2sjTN7Sv79b02tDUdRfFHUsEw1oHNYzxiLXRvqB9EwSMRaRscvylLA1Tazay5YTN8VuSPhx7hR_3kEFeYX6gVbxCsaQvKV4C1Q3BGCN6YcJSzdiP0yA5hgcc1MijgqqYvilq9POIN_crIUzjvkMxRU0t2EeNIWOmcHQCyz2Pgi9Id63lTJQQK2yxwMI3ytiW-KAOhnIwj52VK9sfdj8KXiSdGiySMf90V0F2pdRv7ov4Bq7gIWyUWycdRvg73xOUq6wtY70tZv9j4yo0jlt5LiqvNIkQsfYSTXAUO7zovUBXzvdFey9wU"
}
2024-04-19 20:42:56,983:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/340509632427/5kqYyw HTTP/1.1" 200 187
2024-04-19 20:42:56,984:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 19 Apr 2024 18:42:56 GMT
Content-Type: application/json
Content-Length: 187
Connection: keep-alive
Boulder-Requester: 1682270317
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/340509632427>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/340509632427/5kqYyw
Replay-Nonce: Y89UXNyaRN7hkuaDY2VhqzKEth5chS37pnzT_0KGWGFcRqKJXRM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/340509632427/5kqYyw",
"token": "t55ftDICfJqfQqNLC189S2buDY2CO0-CspHvJ-a_gNs"
}
2024-04-19 20:42:56,984:DEBUG:acme.client:Storing nonce: Y89UXNyaRN7hkuaDY2VhqzKEth5chS37pnzT_0KGWGFcRqKJXRM
2024-04-19 20:42:57,986:DEBUG:acme.client:JWS payload:
2024-04-19 20:42:58,013:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/340509632427:
{
"protected": "eyJub25jZSI6ICJZODlVWE55YVJON2hrdWFEWTJWaHF6S0V0aDVjaFMzN3BuelRfMEtHV0dGY1JxS0pYUk0iLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2F1dGh6LXYzLzM0MDUwOTYzMjQyNyIsICJraWQiOiAiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNjgyMjcwMzE3IiwgImFsZyI6ICJSUzI1NiJ9",
"payload": "",
"signature": "R0kthDk1N7ZxWEgpM0i7jiKodUIGHcfAD7rKIKcRmUOQk4oE1odEGUkv1b43nhh4Pv5fPicm8lQSlONNmMNedJ2K6oaIVBRN-GRPIj9AhqhjCzfC3Hf5NboutLLN5DoMJGVid1qXY0aHNQXa74QwC82XyXQksj1fvZ1MEh7WPzDuvAZO0AEZaMoRsWjSw_8c65eCwfa_jrSDkC5nIqCUhBiKNRBmwH-z3b9TGkunOoRpZMClVVjRDzlNjZK-_2FGq_osgjvk9s0IbqP39Ubw9FB2P7kZQSVazWdvlq3SqutjywxquT-EATRbpT-q3Mlt3si7EejWwGYL2kRxAURlSSusdhQE66l_GMxoQbZ2lgf2WdRKHE0THtedTohb9ictAsxIZg3uDqOpl8ZLVsvT6hwYQamMSfnYgx9hbzyu27kWVTJvQiKFXnTZuY_7qf4LwQRgxZIana9X_luCf7XkWyiR_Y-IamPohJKmKmS103Wi-Pmpr5B_FdmzqDBsEw7L_E-me0-ZgO6bRFXS1DYr6KuEYyE7V9zQdHce0zRWD_lg0cYOKlPb1qTTk8NcRUrKC3OLA-Pqd_JeIGTi3HMkq01UylS_mcGxb9iBwHhKOx4vnLOSwFM7Pkkw_Fi-KJV4NgKaDTWfP5DQdUMdP-OuWJMssxa2m7abFnW_TSDZMNM"
}
2024-04-19 20:42:58,174:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/340509632427 HTTP/1.1" 200 1148
2024-04-19 20:42:58,175:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 19 Apr 2024 18:42:58 GMT
Content-Type: application/json
Content-Length: 1148
Connection: keep-alive
Boulder-Requester: 1682270317
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: FUnC6kMpo4wCW4FbqM1VggZKSsxvpS6hQpBrebUWZ8vALYQPd8U
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "efficiency-inc.nl"
},
"status": "invalid",
"expires": "2024-04-26T18:42:56Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:connection",
"detail": "xxxx: Fetching http://efficiency-inc.nl/.well-known/acme-challenge/t55ftDICfJqfQqNLC189S2buDY2CO0-CspHvJ-a_gNs: Connection refused",
"status": 400
},
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/340509632427/5kqYyw",
"token": "t55ftDICfJqfQqNLC189S2buDY2CO0-CspHvJ-a_gNs",
"validationRecord": [
{
"url": "http://efficiency-inc.nl/.well-known/acme-challenge/t55ftDICfJqfQqNLC189S2buDY2CO0-CspHvJ-a_gNs",
"hostname": "efficiency-inc.nl",
"port": "80",
"addressesResolved": [
"xxxxx"
],
"addressUsed": "xxxxx",
"resolverAddrs": [
"A:10.1.12.82:28098",
"AAAA:10.1.12.84:21929"
]
}
],
"validated": "2024-04-19T18:42:56Z"
}
]
}
2024-04-19 20:42:58,175:DEBUG:acme.client:Storing nonce: FUnC6kMpo4wCW4FbqM1VggZKSsxvpS6hQpBrebUWZ8vALYQPd8U
2024-04-19 20:42:58,176:WARNING:certbot.auth_handler:Challenge failed for domain efficiency-inc.nl
2024-04-19 20:42:58,176:INFO:certbot.auth_handler:http-01 challenge for efficiency-inc.nl
2024-04-19 20:42:58,176:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
Domain: efficiency-inc.nl
Type: connection
Detail: xxxx: Fetching http://efficiency-inc.nl/.well-known/acme-challenge/t55ftDICfJqfQqNLC189S2buDY2CO0-CspHvJ-a_gNs: Connection refused
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
2024-04-19 20:42:58,176:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
File "/snap/nextcloud/41514/lib/python2.7/site-packages/certbot/auth_handler.py", line 90, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/snap/nextcloud/41514/lib/python2.7/site-packages/certbot/auth_handler.py", line 154, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
AuthorizationError: Some challenges have failed.
2024-04-19 20:42:58,176:DEBUG:certbot.error_handler:Calling registered functions
2024-04-19 20:42:58,176:INFO:certbot.auth_handler:Cleaning up challenges
2024-04-19 20:42:58,177:DEBUG:certbot.plugins.webroot:Removing /var/snap/nextcloud/current/certs/certbot/.well-known/acme-challenge/t55ftDICfJqfQqNLC189S2buDY2CO0-CspHvJ-a_gNs
2024-04-19 20:42:58,177:DEBUG:certbot.plugins.webroot:All challenges cleaned up
2024-04-19 20:42:58,177:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/snap/nextcloud/41514/bin/certbot", line 8, in <module>
sys.exit(main())
File "/snap/nextcloud/41514/lib/python2.7/site-packages/certbot/main.py", line 1364, in main
return config.func(config, plugins)
File "/snap/nextcloud/41514/lib/python2.7/site-packages/certbot/main.py", line 1249, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/snap/nextcloud/41514/lib/python2.7/site-packages/certbot/main.py", line 120, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/snap/nextcloud/41514/lib/python2.7/site-packages/certbot/client.py", line 406, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File "/snap/nextcloud/41514/lib/python2.7/site-packages/certbot/client.py", line 349, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/snap/nextcloud/41514/lib/python2.7/site-packages/certbot/client.py", line 385, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File "/snap/nextcloud/41514/lib/python2.7/site-packages/certbot/auth_handler.py", line 90, in handle_authorizations
self._poll_authorizations(authzrs, max_retries, best_effort)
File "/snap/nextcloud/41514/lib/python2.7/site-packages/certbot/auth_handler.py", line 154, in _poll_authorizations
raise errors.AuthorizationError('Some challenges have failed.')
AuthorizationError: Some challenges have failed.