[BlueOnyx:26204] Re: LE stopped renewing
Colin Jack
colin at mainline.co.uk
Fri May 12 14:11:48 -05 2023
Hi Michael,
>> [Fri May 12 18:56:15 BST 2023] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/227202166417/JRyFtQ' <https://acme-v02.api.letsencrypt.org/acme/chall-v3/227202166417/JRyFtQ'>
>Actually, when you follow the URLs that the log has, it tells you the
> reason:
> --------------------------------------------------------------------
> "81.137.196.19: Fetching
> http://intranet.broadwater.co.uk/.well-known/acme-challenge/JmiClJxHkVKF20NblApbWRrHZZ4n0iUkMRWJVGBfBQA > <http://intranet.broadwater.co.uk/.well-known/acme-challenge/JmiClJxHkVKF20NblApbWRrHZZ4n0iUkMRWJVGBfBQA>:
> Timeout during connect (likely firewall problem)"
---------------------------------------------------------------------
> Try disabling APF/Firewalld (depending on what you're using) and try to
> renew again and see if that works. If it does, then it's perhaps that
> the firewall has one of the LE verification hosts blocked for whatever
> reason.
I opened up the hardware firewall to any and tried to renew. No good but and I could access the site remotely. (I have now returned the rules to as they were before, so allowing the LE servers only).
Not running APF or Firewalld.
Thanks
Colin
More information about the Blueonyx
mailing list