[BlueOnyx:26203] Re: LE stopped renewing
Michael Stauber
mstauber at blueonyx.it
Fri May 12 13:32:41 -05 2023
Hi Colin,
> We have a 5209R which has stopped renewing a vsite LE cert.
> It has been fine for months but now when I try and renew I get the ‘red page of death’! :-/
>
>>From the log and can see this
>
> [Fri May 12 18:56:15 BST 2023] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/227202166417/JRyFtQ'
Actually, when you follow the URLs that the log has, it tells you the
reason:
---------------------------------------------------------------------
"81.137.196.19: Fetching
http://intranet.broadwater.co.uk/.well-known/acme-challenge/JmiClJxHkVKF20NblApbWRrHZZ4n0iUkMRWJVGBfBQA:
Timeout during connect (likely firewall problem)"
---------------------------------------------------------------------
Try disabling APF/Firewalld (depending on what you're using) and try to
renew again and see if that works. If it does, then it's perhaps that
the firewall has one of the LE verification hosts blocked for whatever
reason.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list