Install Let's encrypt certificate failed

, ,

:us: Message template (english)

My YunoHost server

Hardware: Virtual Box + yunohost
YunoHost version: Latest
I have access to my server : Through the terminal, and server ip… But not the domain.
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

I attempted to use Let’s encrypt on my domain, and it didn’t seem to work.
I went through everything I did to see if I missed something, but I didn’t see anything I missed.

Below is the log.

2019-09-13 04:24:55,493: DEBUG - Nginx configuration file for ACME challenge already exists for domain, skipping.
2019-09-13 04:24:55,494: DEBUG - Making sure tmp folders exists...
2019-09-13 04:24:56,410: DEBUG - Could not get public IPv6 : Invalid url (does this site exists?)
2019-09-13 04:24:56,411: DEBUG - Prepare key and certificate signing request (CSR) for
2019-09-13 04:24:56,698: DEBUG - Saving to /tmp/acme-challenge-private/
2019-09-13 04:24:56,699: DEBUG - Now using ACME Tiny to sign the certificate...
2019-09-13 04:24:56,699: INFO - Parsing account key...
2019-09-13 04:24:56,707: INFO - Parsing CSR...
2019-09-13 04:24:56,712: INFO - Found domains:
2019-09-13 04:24:56,712: INFO - Getting directory...
2019-09-13 04:24:56,852: INFO - Directory found!
2019-09-13 04:24:56,853: INFO - Registering account...
2019-09-13 04:24:57,124: INFO - Already registered!
2019-09-13 04:24:57,124: INFO - Creating new order...
2019-09-13 04:24:57,422: INFO - Order created!
2019-09-13 04:24:57,537: INFO - Verifying
2019-09-13 04:25:10,082: ERROR - Challenge did not pass for {u'status': u'invalid', u'challenges': [{u'status': u'invalid', u'validationRecord': [{u'url': u'', u'hostname': u'', u'addressUsed': u'', u'port': u'80', u'addressesResolved': [u'']}], u'url': u'', u'token': u'Gs_EYV4oB3Un4AmS75PgV4bc0khl9PfygpftGCFFgzw', u'error': {u'status': 400, u'type': u'urn:ietf:params:acme:error:connection', u'detail': u'Fetching Timeout during connect (likely firewall problem)'}, u'type': u'http-01'}, {u'status': u'invalid', u'url': u'', u'token': u'Gs_EYV4oB3Un4AmS75PgV4bc0khl9PfygpftGCFFgzw', u'type': u'dns-01'}, {u'status': u'invalid', u'url': u'', u'token': u'Gs_EYV4oB3Un4AmS75PgV4bc0khl9PfygpftGCFFgzw', u'type': u'tls-alpn-01'}], u'identifier': {u'type': u'dns', u'value': u''}, u'expires': u'2019-09-20T08:24:57Z'}
2019-09-13 04:25:10,626: WARNING - Debug information:
 - domain ip from DNS
 - domain ip from local DNS
 - public ip of the server

2019-09-13 04:25:11,170: WARNING - Debug information:
 - domain ip from DNS
 - domain ip from local DNS
 - public ip of the server

2019-09-13 04:25:11,171: ERROR - Certificate installation for failed !
Exception: Signing the new certificate failed


Peut-ĂŞtre indisponible au moment de la demande ?
Perhaps unavailable at the time of the request?

Well that’s the thing then, my guess is that you did not configure port forwarding for your server and therefore can’t get a let’s encrypt certificate. Yunohost should have theoretically warned you about this, maybe it didn’t, or maybe you used --no-checks thinking it would work anyway ?

Port forwarding in the context of a virtualbox is not trivial, because you need to configure it on both your internet router and the virtualbox. Which is why we usually recommend virtualbox only for testing yunohost and see how it works, though it’s not impossible to use it for a production server in theory…

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.