Enabling SSL with Let's Encrypt SSL no longer works
Enabling SSL with Let's Encrypt SSL no longer works for new domains introduced.
I mention that: domains already existing on the server automatically renew their SSL certificate.
OS - Ubuntu 18.04.3 LTS
ISPConfig version - 3.1.15p2
From letsencrypt.log:
Domain: www.NEWDOMAIN.info Type: connection Detail: Fetching http://www.NEWDOMAIN.info/.well-known/acme-challenge/YMWDKp9G_NuE9U9NaveR7YlLj7gQepwT6q3epkQINjM: Timeout during connect (likely firewall problem)
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. 2019-11-25 04:13:16,409:DEBUG:certbot.error_handler:Encountered exception: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations self._respond(aauthzrs, resp, best_effort) File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 155, in _respond self._poll_challenges(aauthzrs, chall_update, best_effort) File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges raise errors.FailedChallenges(all_failed_achalls) certbot.errors.FailedChallenges: Failed authorization procedure. www.NEWDOMAIN.info (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.NEWDOMAIN.info/.well-known/acme-challenge/YMWDKp9G_NuE9U9NaveR7YlLj7gQepwT6q3epkQINjM: Timeout during connect (likely firewall problem)
2019-11-25 04:13:16,410:DEBUG:certbot.error_handler:Calling registered functions 2019-11-25 04:13:16,410:INFO:certbot.auth_handler:Cleaning up challenges 2019-11-25 04:13:16,410:DEBUG:certbot.plugins.webroot:Removing /usr/local/ispconfig/interface/acme/.well-known/acme-challenge/dERQuY0kdtWojM_crI2H_iq6o39SxmwA839S9x68t5w 2019-11-25 04:13:16,411:DEBUG:certbot.plugins.webroot:Removing /usr/local/ispconfig/interface/acme/.well-known/acme-challenge/YMWDKp9G_NuE9U9NaveR7YlLj7gQepwT6q3epkQINjM 2019-11-25 04:13:16,412:DEBUG:certbot.plugins.webroot:All challenges cleaned up 2019-11-25 04:13:16,412:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/letsencrypt", line 11, in load_entry_point('certbot==0.27.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1364, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1254, in certonly lineage = _get_and_save_cert(le_client, config, domains, certname, lineage) File "/usr/lib/python3/dist-packages/certbot/main.py", line 120, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/lib/python3/dist-packages/certbot/client.py", line 391, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/lib/python3/dist-packages/certbot/client.py", line 334, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/client.py", line 370, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 82, in handle_authorizations self._respond(aauthzrs, resp, best_effort) File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 155, in _respond self._poll_challenges(aauthzrs, chall_update, best_effort) File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 226, in _poll_challenges raise errors.FailedChallenges(all_failed_achalls) certbot.errors.FailedChallenges: Failed authorization procedure. www.NEWDOMAIN.info (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.NEWDOMAIN.info/.well-known/acme-challenge/YMWDKp9G_NuE9U9NaveR7YlLj7gQepwT6q3epkQINjM: Timeout during connect (likely firewall problem)