[SOLVED] Letsencrypt renew fails

Robert Dahlem

Active Member
May 7, 2018
14
1
43
60
Hello,

I'm on 6.4-13. All of a sudden Letsencrypt certificate renewals are failing:

Getting authorization details from 'https://acme-v02.api.letsencrypt.org/acme/authz-v3/17197269920' The validation for my.fqdn is pending! Setting up webserver Triggering validation Sleeping for 5 seconds Status is still 'pending', trying again in 10 seconds TASK ERROR: validating challenge 'https://acme-v02.api.letsencrypt.org/acme/authz-v3/17197269920' failed - status: invalid

With tcpdump I can see that traffic arrives for port 80 but for requests like GET /.well-known/acme-challenge/zyZNeh3IT5I8eVT6P5lJXhxI-zaBwuZMFfTMlcpomaw HTTP/1.1
I see HTTP/1.1 404 Not Found

That proves that
  • my port 80 is reachable from the internet
  • the requested domain resolves to my Proxmox system
I don't see another listener on port 80 (lsof -i :80).

Is there anything I can do to debug this?

Regards,
Robert
 
Ouch! Port 80 was forwarded to a different machine. I should have checked that tcpdump actually saw incoming traffic.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!