Let's Encrypt in Beta 9.7

Hello all,

This might be a simple fix but I can't figure out what to do; any help is appreciated! I have enabled Let's Encrypt in UTM 9.7. Now when I try to enable the certificate it keeps telling me the below:

"An error occurred while communicating with the Let’s Encrypt server. Automatic renewals will be tried again during the next renewal attempt. Manual renewal can be attempted again at any time."

I've tried various fixes found online but can't get it to work. Some things I've tried:

1. Make sure letsencrypt api host can be resolved via DNS.

2. Made sure no DNAT rules exist.

3. Disabled and re-enabled the LE service.

4. Restarted firewall.

The logs are telling me this:

2020:01:06-13:17:02 utm1 letsencrypt[11031]: I Renew certificate: handling CSR REF_CaCsrRdhollatec for domain set [x.x.com]
2020:01:06-13:17:02 utm1 letsencrypt[11031]: I Renew certificate: running command: /var/storage/chroot-reverseproxy/usr/dehydrated/bin/dehydrated -x -f /var/storage/chroot-reverseproxy/usr/dehydrated/conf/config -c --accept-terms --domain x.x.com
2020:01:06-13:17:19 utm1 letsencrypt[11031]: I Renew certificate: command completed with exit code 256
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: ERROR: Challenge is invalid! (returned: invalid) (result: {
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "type": "http-01",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "status": "invalid",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "error": {
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "type": "urn:ietf:params:acme:error:connection",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "detail": "Fetching x.x.com/.../HTUUJTdfJae1ifUe9SIy8n4KecnJN7g3nS4Zrfz5srs: Timeout during connect (likely firewall problem)",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "status": 400
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: },
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "url": "acme-v02.api.letsencrypt.org/.../LLTUdQ",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "token": "HTUUJTdfJae1ifUe9SIy8n4KecnJN7g3nS4Zrfz5srs",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "validationRecord": [
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: {
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "url": "x.x.com/.../HTUUJTdfJae1ifUe9SIy8n4KecnJN7g3nS4Zrfz5srs",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "hostname": "x.x.com",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "port": "80",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "addressesResolved": [
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "x.x.x.x"
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: ],
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "addressUsed": "x.x.x.x"
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: }
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: ]
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: })
2020:01:06-13:17:19 utm1 letsencrypt[11031]: I Renew certificate: sending notification WARN-603
2020:01:06-13:17:19 utm1 letsencrypt[11031]: [WARN-603] Let's Encrypt certificate renewal failed accessing Let's Encrypt service
2020:01:06-13:17:19 utm1 letsencrypt[11031]: I Renew certificate: execution completed (CSRs renewed: 0, failed: 1) 

  • The Let's Encrypt API needs an inbound HTTP connection.

    So the name used for the certificate must point to the correct Sophos interface.

    If you use an ISP router between the SG and the internet, that device has to forward the incoming HTTP request (port forwarding/exposed host/NAT).

    But my problem has been (more than once) country blocking.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.
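The log in the original post and Dirk's reply describe the same failure chain: Let's Encrypt validates an http-01 challenge by resolving the certificate name and fetching a token from port 80 on the resolved address, and the log shows that connect timing out. The following is an added example, not code from Sophos, dehydrated or anyone in this thread. It reconstructs the challenge object that dehydrated prints into the UTM letsencrypt log, classifies the ACME error, and checks whether the address Let's Encrypt actually used is the interface you expect. The sample log lines, the hostname example.com, the TEST-NET address 192.0.2.10 and the token/URL placeholders are all constructed for the example; the helper names (parse_utm_log, classify, address_matches_interface, diagnose, probe_port) are my own.

```python
"""Diagnose a failed Let's Encrypt http-01 challenge from Sophos UTM letsencrypt log lines.

Added example for this thread; not Sophos or dehydrated code. Function names are
assumptions made for the example.
"""
import json
import re
import socket
from typing import Optional

# Constructed sample in the UTM letsencrypt log format shown in the thread.
# Hostname, address and token are placeholders, not real values.
SAMPLE_LOG = """\
2020:01:06-13:17:19 utm1 letsencrypt[11031]: I Renew certificate: command completed with exit code 256
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: ERROR: Challenge is invalid! (returned: invalid) (result: {
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "type": "http-01",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "status": "invalid",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "error": {
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "type": "urn:ietf:params:acme:error:connection",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "detail": "Fetching http://example.com/.well-known/acme-challenge/TOKEN_PLACEHOLDER: Timeout during connect (likely firewall problem)",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "status": 400
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: },
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "url": "https://acme-v02.api.letsencrypt.org/.../CHALLENGE_ID_PLACEHOLDER",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "token": "TOKEN_PLACEHOLDER",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "validationRecord": [
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: {
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "url": "http://example.com/.well-known/acme-challenge/TOKEN_PLACEHOLDER",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "hostname": "example.com",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "port": "80",
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "addressesResolved": [
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "192.0.2.10"
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: ],
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: "addressUsed": "192.0.2.10"
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: }
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: ]
2020:01:06-13:17:19 utm1 letsencrypt[11031]: E Renew certificate: COMMAND_FAILED: })
"""

# Only the "E ... COMMAND_FAILED:" lines carry fragments of the JSON challenge object.
LOG_RE = re.compile(r"letsencrypt\[\d+\]: E Renew certificate: COMMAND_FAILED: (.*)$")


def parse_utm_log(log_text: str) -> dict:
    """Reassemble the ACME challenge object that dehydrated split across log lines."""
    fragments = []
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue  # "I" info lines and unrelated output are skipped
        frag = m.group(1).strip()
        if "(result: " in frag:
            frag = frag.split("(result: ", 1)[1]  # keep only the opening "{"
        if frag.endswith("})"):
            frag = frag[:-1]  # drop dehydrated's closing ")" after the JSON
        fragments.append(frag)
    if not fragments:
        raise ValueError("no COMMAND_FAILED lines found in log")
    return json.loads("\n".join(fragments))


def classify(challenge: dict) -> str:
    """Map the ACME error type/detail to the layer that most likely failed."""
    err = challenge.get("error", {})
    etype, detail = err.get("type", ""), err.get("detail", "")
    if etype.endswith(":connection") and "Timeout during connect" in detail:
        return "inbound_port_blocked"   # SYN never answered: NAT/firewall/geo-block
    if etype.endswith(":connection"):
        return "connection_refused"     # reached the host, nothing listening on 80
    if etype.endswith(":unauthorized"):
        return "wrong_content_served"   # port 80 answered, but not the token
    if etype.endswith(":dns"):
        return "dns_failure"
    return "other"


def address_matches_interface(challenge: dict, expected_ip: str) -> bool:
    """True if Let's Encrypt resolved and used the public IP of the intended interface."""
    rec = challenge["validationRecord"][0]
    return expected_ip in rec["addressesResolved"] and rec["addressUsed"] == expected_ip


def diagnose(challenge: dict, expected_ip: Optional[str] = None) -> str:
    """Human-readable verdict: DNS first, then reachability of TCP/80 on that address."""
    rec = challenge["validationRecord"][0]
    out = [f"{challenge['type']} challenge for {rec['hostname']}: {challenge['status']}",
           f"resolved {rec['addressesResolved']}, connected to {rec['addressUsed']}:{rec['port']}"]
    if expected_ip and not address_matches_interface(challenge, expected_ip):
        out.append(f"DNS does not point at the expected interface {expected_ip}; fix the A record first")
    elif classify(challenge) == "inbound_port_blocked":
        out.append("connect timed out: inbound TCP/80 to that address is being dropped "
                   "(upstream router NAT/port forward, firewall rule, or country blocking)")
    else:
        out.append(f"error class: {classify(challenge)} ({challenge['error'].get('detail', '')})")
    return "\n".join(out)


def probe_port(host: str, port: int = 80, timeout: float = 5.0) -> bool:
    """Live reachability check; meaningful only when run from outside your own network."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


if __name__ == "__main__":
    ch = parse_utm_log(SAMPLE_LOG)
    print(diagnose(ch, expected_ip="192.0.2.10"))
```

The live probe_port check is deliberately kept separate from the log analysis: run from inside the LAN it may succeed through hairpin NAT while Let's Encrypt, connecting from the outside, still times out, so the validationRecord in the log remains the authoritative view of what the validator actually saw.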

  • dirkkotte said:

    The Let's Encrypt API needs an inbound HTTP connection.

    So the name used for the certificate must point to the correct Sophos interface.

    If you use an ISP router between the SG and the internet, that device has to forward the incoming HTTP request (port forwarding/exposed host/NAT).

    But my problem has been (more than once) country blocking.

    Thank you for the prompt reply!

    I double-checked that the cert is pointing to the right interface. No router between the ISP and the UTM. I also don't have country blocking enabled.

  • Open the Web Server Security live log and try requesting the certificate again.

    You should see the incoming connection.

    Please post the log.


    Dirk