Install Let's encrypt certificate failed

My YunoHost server

Hardware: Virtual Box + yunohost
YunoHost version: Latest
I have access to my server : Through the terminal, and server ip… But not the domain.
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

I attempted to use Let’s encrypt on my domain, and it didn’t seem to work.
I went through everything I did to see if I missed something, but I didn’t see anything I missed.

Below is the log.

2019-09-13 04:24:55,493: DEBUG - Nginx configuration file for ACME challenge already exists for domain, skipping.
2019-09-13 04:24:55,494: DEBUG - Making sure tmp folders exists...
2019-09-13 04:24:56,410: DEBUG - Could not get public IPv6 : Invalid url https://ip6.yunohost.org (does this site exists?)
2019-09-13 04:24:56,411: DEBUG - Prepare key and certificate signing request (CSR) for wolfy123.nohost.me...
2019-09-13 04:24:56,698: DEBUG - Saving to /tmp/acme-challenge-private/wolfy123.nohost.me.csr.
2019-09-13 04:24:56,699: DEBUG - Now using ACME Tiny to sign the certificate...
2019-09-13 04:24:56,699: INFO - Parsing account key...
2019-09-13 04:24:56,707: INFO - Parsing CSR...
2019-09-13 04:24:56,712: INFO - Found domains: wolfy123.nohost.me
2019-09-13 04:24:56,712: INFO - Getting directory...
2019-09-13 04:24:56,852: INFO - Directory found!
2019-09-13 04:24:56,853: INFO - Registering account...
2019-09-13 04:24:57,124: INFO - Already registered!
2019-09-13 04:24:57,124: INFO - Creating new order...
2019-09-13 04:24:57,422: INFO - Order created!
2019-09-13 04:24:57,537: INFO - Verifying wolfy123.nohost.me...
2019-09-13 04:25:10,082: ERROR - Challenge did not pass for wolfy123.nohost.me: {u'status': u'invalid', u'challenges': [{u'status': u'invalid', u'validationRecord': [{u'url': u'http://wolfy123.nohost.me/.well-known/acme-challenge/Gs_EYV4oB3Un4AmS75PgV4bc0khl9PfygpftGCFFgzw', u'hostname': u'wolfy123.nohost.me', u'addressUsed': u'71.28.186.20', u'port': u'80', u'addressesResolved': [u'71.28.186.20']}], u'url': u'https://acme-v02.api.letsencrypt.org/acme/chall-v3/320637847/dl70zQ', u'token': u'Gs_EYV4oB3Un4AmS75PgV4bc0khl9PfygpftGCFFgzw', u'error': {u'status': 400, u'type': u'urn:ietf:params:acme:error:connection', u'detail': u'Fetching http://wolfy123.nohost.me/.well-known/acme-challenge/Gs_EYV4oB3Un4AmS75PgV4bc0khl9PfygpftGCFFgzw: Timeout during connect (likely firewall problem)'}, u'type': u'http-01'}, {u'status': u'invalid', u'url': u'https://acme-v02.api.letsencrypt.org/acme/chall-v3/320637847/MYbtoA', u'token': u'Gs_EYV4oB3Un4AmS75PgV4bc0khl9PfygpftGCFFgzw', u'type': u'dns-01'}, {u'status': u'invalid', u'url': u'https://acme-v02.api.letsencrypt.org/acme/chall-v3/320637847/azxsDA', u'token': u'Gs_EYV4oB3Un4AmS75PgV4bc0khl9PfygpftGCFFgzw', u'type': u'tls-alpn-01'}], u'identifier': {u'type': u'dns', u'value': u'wolfy123.nohost.me'}, u'expires': u'2019-09-20T08:24:57Z'}
2019-09-13 04:25:10,626: WARNING - Debug information:
 - domain ip from DNS        71.28.186.20
 - domain ip from local DNS  71.28.186.20
 - public ip of the server   71.28.186.20

2019-09-13 04:25:11,170: WARNING - Debug information:
 - domain ip from DNS        71.28.186.20
 - domain ip from local DNS  71.28.186.20
 - public ip of the server   71.28.186.20

2019-09-13 04:25:11,171: ERROR - Certificate installation for wolfy123.nohost.me failed !
Exception: Signing the new certificate failed

Hello,

Perhaps unavailable at the time of the request?

Well, that’s the thing then: my guess is that you did not configure port forwarding for your server and therefore can’t get a Let’s Encrypt certificate. YunoHost should theoretically have warned you about this; maybe it didn’t, or maybe you used --no-checks thinking it would work anyway?

Port forwarding in the context of VirtualBox is not trivial, because you need to configure it on both your internet router and VirtualBox. That is why we usually recommend VirtualBox only for testing YunoHost and seeing how it works, though it’s not impossible to use it for a production server in theory…
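The diagnosis in the reply above can be read straight out of the log. The following is an added example, not part of the thread or of YunoHost's code: it parses the authorization object that ACME Tiny prints on failure and separates a DNS mismatch from an unreachable port 80. The function name `diagnose` and the sample log (placeholder domain, token and documentation-range IP) are constructed for illustration.

```python
import ast
import re

# Constructed sample, shaped like the ACME Tiny error line in the log above
# (placeholder domain and token, documentation-range IP address).
SAMPLE_LOG = """\
2019-09-13 04:25:10,082: ERROR - Challenge did not pass for example.test: {u'status': u'invalid', u'challenges': [{u'status': u'invalid', u'validationRecord': [{u'url': u'http://example.test/.well-known/acme-challenge/TOKEN', u'hostname': u'example.test', u'addressUsed': u'203.0.113.10', u'port': u'80', u'addressesResolved': [u'203.0.113.10']}], u'token': u'TOKEN', u'error': {u'status': 400, u'type': u'urn:ietf:params:acme:error:connection', u'detail': u'Fetching http://example.test/.well-known/acme-challenge/TOKEN: Timeout during connect (likely firewall problem)'}, u'type': u'http-01'}, {u'status': u'invalid', u'token': u'TOKEN', u'type': u'dns-01'}], u'identifier': {u'type': u'dns', u'value': u'example.test'}}
2019-09-13 04:25:10,626: WARNING - Debug information:
 - domain ip from DNS        203.0.113.10
 - public ip of the server   203.0.113.10
"""

FAILED = re.compile(r"Challenge did not pass for (\S+): (\{.*\})\s*$", re.M)
PUBLIC_IP = re.compile(r"public ip of the server\s+(\S+)")


def diagnose(log_text):
    """Return (domain, acme_error_type, hint) for a failed http-01 validation."""
    m = FAILED.search(log_text)
    if not m:
        return None
    # The Python 2 repr (u'...' strings) is still a valid Python 3 literal.
    domain, authz = m.group(1), ast.literal_eval(m.group(2))
    http01 = next((c for c in authz["challenges"]
                   if c.get("type") == "http-01" and "error" in c), None)
    if http01 is None:
        return domain, None, "no http-01 error recorded"
    err_type = http01["error"]["type"].rsplit(":", 1)[-1]
    # Addresses the CA actually connected to, versus the server's own public IP.
    used = {r["addressUsed"] for r in http01.get("validationRecord", [])}
    ip = PUBLIC_IP.search(log_text)
    public_ip = ip.group(1) if ip else None
    if public_ip and used and public_ip not in used:
        hint = "DNS points at %s, not the server's public IP %s" % (sorted(used), public_ip)
    elif err_type == "connection":
        hint = ("CA could not connect to port 80 at the resolved address: "
                "check firewall and port forwarding (router and VirtualBox)")
    elif err_type == "unauthorized":
        hint = "port 80 answered but served the wrong content for the challenge path"
    elif err_type == "dns":
        hint = "the CA could not resolve the domain"
    else:
        hint = http01["error"].get("detail", "")
    return domain, err_type, hint


if __name__ == "__main__":
    print(diagnose(SAMPLE_LOG))
```

In the log posted in this thread the three IP values agree and the error type is `connection`, which is the case the reply attributes to missing port forwarding.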
