Hello,
I am new here - just installed UCS and wanted to lock it down so I installed the Let’s Encrypt app. I inserted my domain and selected Use Apache but my status is as follows:
Current status of the App
ValueError: Challenge did not pass for cloud.keypointpartners.com: {u'status': u'invalid', u'challenges': [{u'status': u'invalid', u'validationRecord': [{u'url': u'http://cloud.keypointpartners.com/.well-known/acme-challenge/LvF3Ak3tChXe0BqZ1T6oS5pe6sC64gkbgiGq_1RyADg', u'hostname': u'cloud.keypointpartners.com', u'addressUsed': u'100.0.24.202', u'port': u'80', u'addressesResolved': [u'100.0.24.202']}], u'url': u'https://acme-v02.api.letsencrypt.org/acme/chall-v3/11465306451/UwGiNw', u'token': u'LvF3Ak3tChXe0BqZ1T6oS5pe6sC64gkbgiGq_1RyADg', u'error': {u'status': 400, u'type': u'urn:ietf:params:acme:error:connection', u'detail': u'Fetching http://cloud.keypointpartners.com/.well-known/acme-challenge/LvF3Ak3tChXe0BqZ1T6oS5pe6sC64gkbgiGq_1RyADg: Timeout after connect (your server may be slow or overloaded)'}, u'type': u'http-01'}], u'identifier': {u'type': u'dns', u'value': u'cloud.keypointpartners.com'}, u'expires': u'2021-03-17T22:09:58Z'}
My Let’s Encrypt log looks like:
> Wed Mar 10 15:30:27 EST 2021
> Refreshing certificate for following domains:
> cloud.keypointpartners.com
> Parsing account key...
> Parsing CSR...
> Found domains: cloud.keypointpartners.com
> Getting directory...
> Directory found!
> Registering account...
> Registered!
> Creating new order...
> Order created!
> Verifying cloud.keypointpartners.com...
> Traceback (most recent call last):
> File "/usr/share/univention-letsencrypt/acme_tiny.py", line 197, in <module>
> main(sys.argv[1:])
> File "/usr/share/univention-letsencrypt/acme_tiny.py", line 193, in main
> signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, log=LOGGER, CA=args.ca, disable_check=args.disable_check, directory_url=args.directory_url, contact=args.contact)
> File "/usr/share/univention-letsencrypt/acme_tiny.py", line 149, in get_crt
> raise ValueError("Challenge did not pass for {0}: {1}".format(domain, authorization))
> ValueError: Challenge did not pass for cloud.keypointpartners.com: {u'status': u'invalid', u'challenges': [{u'status': u'invalid', u'validationRecord': [{u'url': u'http://cloud.keypointpar$
> Create letsencrypt/status
> Setting letsencrypt/services/apache2
> File: /etc/apache2/sites-available/univention-letsencrypt.conf
> W: The config registry variable 'apache2/ssl/certificatechain' does not exist
> Unsetting apache2/ssl/certificate
> Unsetting apache2/ssl/key
> Multifile: /etc/simplesamlphp/metadata/saml20-idp-hosted.php
> Multifile: /etc/apache2/sites-available/default-ssl.conf
I have both ports 80 and 443 open on my firewall.
Any help is greatly appreciated. Thank you.