Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Connection refused #10

Closed
yanlinaung30 opened this issue Mar 19, 2019 · 7 comments
Closed

Connection refused #10

yanlinaung30 opened this issue Mar 19, 2019 · 7 comments

Comments

@yanlinaung30
Copy link

yanlinaung30 commented Mar 19, 2019
edited
Loading 

sudo ./init-letsencrypt.sh
.
.
.
.
.
### Requesting Let's Encrypt certificate for mydomain.org ...
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mydomain.org
Using the webroot path /var/www/certbot for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. mydomain.org (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://mydomain.org/.well-known/acme-challenge/y1TyeXK2Il0hfnqROt-3Arn_6Oq28ffL4kshJZ50pic: Connection refused

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: mydomain.org
   Type:   connection
   Detail: Fetching
   http://mydomain.org/.well-known/acme-challenge/y1TyeXK2Il0hfnqROt-3Arn_6Oq28ffL4kshJZ50pic:
   Connection refused

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.

### Reloading nginx ...
Error response from daemon: Container 67f553b92423babaf66bc1aeea04c62dfc8ebcec58c586001f48b619f3433d12 is restarting, wait until the container is running
@wmnnd
Copy link
Owner

wmnnd commented Mar 19, 2019

What do the rest of your output and the docker-compose.yml look like?

@yanlinaung30
Copy link
Author

yanlinaung30 commented Mar 19, 2019
edited
Loading

@wmnnd nginx-certbot is on the same server. So a webserver by nginx is run on host server. And then error message is changed to the following.
I edited docker-compose.yml ports as 81:80

sudo ./init-letsencrypt.sh
Existing data found for mydomain.org. Continue and replace existing certificate? (y/N) y
### Creating dummy certificate for mydomain.org ...
Generating a RSA private key
..................+++++
..........................................+++++
writing new private key to '/etc/letsencrypt/live/mydomain.org/privkey.pem'
-----

### Starting nginx ...
Recreating nginx-lets-encrypt_nginx_1 ... done

### Deleting dummy certificate for mydomain.org ...

### Requesting Let's Encrypt certificate for mydomain.org ...
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mydomain.org
Using the webroot path /var/www/certbot for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. mydomain.org (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://mydomain.org/.well-known/acme-challenge/YL-7bc_Y-riqfL0H8XrVuY3aq7ui2IlhzLMU8WmWy1A [207.148.120.13]: "<html>\r\n<head><title>404 Not Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404 Not Found</h1></center>\r\n<hr><center>"

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: mydomain.org
   Type:   unauthorized
   Detail: Invalid response from
   http://mydomain.org/.well-known/acme-challenge/YL-7bc_Y-riqfL0H8XrVuY3aq7ui2IlhzLMU8WmWy1A
   [207.148.120.13]: "<html>\r\n<head><title>404 Not
   Found</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>404
   Not Found</h1></center>\r\n<hr><center>"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

### Reloading nginx ...
2019/03/19 07:46:45 [notice] 9#9: signal process started

@yanlinaung30
Copy link
Author

After that sudo docker-compose up results as like the following.

sudo docker-compose up
[sudo] password for yan:
Starting nginx-lets-encrypt_certbot_1 ... done
Starting nginx-lets-encrypt_nginx_1   ... done
Attaching to nginx-lets-encrypt_certbot_1, nginx-lets-encrypt_nginx_1
certbot_1  | Saving debug log to /var/log/letsencrypt/letsencrypt.log
certbot_1  |
certbot_1  | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
certbot_1  |
certbot_1  | No renewals were attempted.
certbot_1  | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

@yanlinaung30
Copy link
Author

@wmnnd It works! I copy index.html file to nginx container and change root for / to that folder. Everything works flawlessly. Thank you!

@MatteoGioioso MatteoGioioso mentioned this issue Mar 27, 2019
Closed
@AndreasJJ AndreasJJ mentioned this issue Jun 3, 2019
Closed
@YoniSchirris
Copy link

@yanlinaung30 I don't understand your solution. Could you clarify?

@Uzzije
Copy link

Uzzije commented May 10, 2020
edited
Loading

@YoniSchirris I had the same issue. What fixed it for me was making sure the local folder containing nginx.conf was mounted to /etc/nginx/conf.d in docker-compose.yml. This is needed to get the SSL certificate keys for validation, I believe. The example had it as ./data/nginx:/etc/nginx/conf.d but my Nginx location was in ./docker/nginx hence ./docker/nginx:/etc/nginx/conf.d. Hope this helps

@sillycube
Copy link

@YoniSchirris I had the same issue. What fixed it for me was making sure the local folder containing nginx.conf was mounted to /etc/nginx/conf.d in docker-compose.yml. This is needed to get the SSL certificate keys for validation, I believe. The example had it as ./data/nginx:/etc/nginx/conf.d but my Nginx location was in ./docker/nginx hence ./docker/nginx:/etc/nginx/conf.d. Hope this helps

I've benn spending half a day just for this stupid issue. Thank you, you save my life! :-)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@sillycube @yanlinaung30 @Uzzije @wmnnd @YoniSchirris