Certificate install fails: [Errno 110]

brfilter · September 23, 2020, 1:05am

My YunoHost server

**Hardware:**Rpi 3B+
YunoHost version: 4.0.8
I have access to my server : Through SSH + through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

Hello! I have everything set properly I believe–diagnostics all pass with flying colors (except mail, which is ignored for obvious reasons). Logs attached below of the result when I try to install a certificate. When I turn my browser to the URL in the error message, I can read it, so I don’t get what the issue is. Thanks in advance!

 args:
  force: false
  no_checks: false
  staging: false
ended_at: 2020-09-23 00:50:10.826630
error: 'Certificate installation for maindomain.tld failed !

  Exception: Could not sign the new certificate'
operation: letsencrypt_cert_install
related_to:
- - domain
  - maindomain.tld
started_at: 2020-09-23 00:47:50.946317
success: false
yunohost_version: 4.0.8

============

2020-09-23 01:47:50,984: DEBUG - Making sure tmp folders exists...
2020-09-23 01:47:51,014: DEBUG - Fetching IP from https://ip.yunohost.org 
2020-09-23 01:47:51,648: DEBUG - IP fetched: xx.xx.xx.xx
2020-09-23 01:47:51,671: DEBUG - No default route for IPv6, so assuming there's no IP address for that version
2020-09-23 01:47:51,672: DEBUG - IP fetched: None
2020-09-23 01:47:51,673: DEBUG - Prepare key and certificate signing request (CSR) for maindomain.tld...
2020-09-23 01:47:54,794: DEBUG - Saving to /tmp/acme-challenge-private/maindomain.tld.csr.
2020-09-23 01:47:54,796: DEBUG - Now using ACME Tiny to sign the certificate...
2020-09-23 01:47:54,797: INFO - Parsing account key...
2020-09-23 01:47:54,832: INFO - Parsing CSR...
2020-09-23 01:47:54,865: INFO - Found domains: maindomain.tld, xmpp-upload.maindomain.tld
2020-09-23 01:47:54,867: INFO - Getting directory...
2020-09-23 01:47:55,247: INFO - Directory found!
2020-09-23 01:47:55,248: INFO - Registering account...
2020-09-23 01:47:55,826: INFO - Already registered!
2020-09-23 01:47:55,828: INFO - Creating new order...
2020-09-23 01:47:56,387: INFO - Order created!
2020-09-23 01:47:56,938: INFO - Verifying maindomain.tld...
2020-09-23 01:47:58,105: INFO - maindomain.tld verified!
2020-09-23 01:47:58,636: INFO - Verifying xmpp-upload.maindomain.tld...
2020-09-23 01:50:10,820: ERROR - Wrote file to /tmp/acme-challenge-public/EQzxj9pT3FQbK2ntfHL2nm8TSA10IaY6Kb720xT807c, but couldn't download http://xmpp-upload.maindomain.tld/.well-known/acme-challenge/EQzxj9pT3FQbK2ntfHL2nm8TSA10IaY6Kb720xT807c: Error:
Url: http://xmpp-upload.maindomain.tld/.well-known/acme-challenge/EQzxj9pT3FQbK2ntfHL2nm8TSA10IaY6Kb720xT807c
Data: None
Response Code: None
Response: <urlopen error [Errno 110] Connection timed out>
2020-09-23 01:50:10,824: ERROR - Certificate installation for maindomain.tld failed !
Exception: Could not sign the new certificate

Aleks · September 23, 2020, 11:05am

Hmpf i thought I fixed the issue but apparently it still happens

I think a workaround may be to run :

echo '127.0.0.1   xmpp-upload.maindomain.tld' >> /etc/hosts

(N.B : be sure to put two >> in the command (not one …) and to replace maindomain.tld with your actual main domain)

brfilter · September 27, 2020, 3:17am

Perfect! Works like a charm now, many thanks.

So what’s happening here? Why does the xmpp need to be specified in the hosts? Shouldn’t it resolve since the top domain is already there? Problem solved but I would still like to learn…relatively green when it comes to IT stuff.

system · October 12, 2020, 3:17am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.