Categories
Mastering Development System & Network

Http-01 Challenge failed and Connection refused

I just bought a new server, and want to follow this for www.pretty-formula.com.

Here is the record I added to pretty-formula.com:

In the server, ufw status returned Status: inactive.

After putting pretty-formula.com in related files, I got this error:

root@iZj6ce932fiflob4gudnajZ:~/nginx-certbot# ./init-letsencrypt.sh 
Existing data found for pretty-formula.com. Continue and replace existing certificate? (y/N) y
### Creating dummy certificate for pretty-formula.com ...
Generating a RSA private key
......+++++
.........+++++
writing new private key to '/etc/letsencrypt/live/pretty-formula.com/privkey.pem'
-----
failed to resize tty, using default size

### Starting nginx ...
Recreating nginx-certbot_nginx_1 ... done

### Deleting dummy certificate for pretty-formula.com ...
failed to resize tty, using default size

### Requesting Let's Encrypt certificate for pretty-formula.com ...
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for pretty-formula.com
http-01 challenge for www.pretty-formula.com
Using the webroot path /var/www/certbot for all unmatched domains.
Waiting for verification...
Challenge failed for domain pretty-formula.com
Challenge failed for domain www.pretty-formula.com
http-01 challenge for pretty-formula.com
http-01 challenge for www.pretty-formula.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: pretty-formula.com
   Type:   connection
   Detail: Fetching
   http://pretty-formula.com/.well-known/acme-challenge/-yXehDZroR0bFBusF3tEM9Ja9tD1XEXDmAiDnWgP6u8:
   Connection refused

   Domain: www.pretty-formula.com
   Type:   connection
   Detail: Fetching
   http://www.pretty-formula.com/.well-known/acme-challenge/KbU_eUlIBexvG1zqN-UKB7lhdiIc7MEOYar1w-vlPNs:
   Connection refused

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.

### Reloading nginx ...
cannot exec in a stopped state: unknown

It’s a new server and a new domain, I don’t understand what’s blocking. Does anyone know how to investigate further?

Leave a Reply

Your email address will not be published. Required fields are marked *