Code:
Initialized: <certbot.plugins.webroot.Authenticator object at 0x8096084d0>
Prep: True
2017-01-19 01:18:10,330:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.webroot.Authenticator object at 0x8096084d0> and installer None
2017-01-19 01:18:10,356:DEBUG:certbot.main:Picked account: <Account(82ce403afb596c1db5e7d4619d9d79de)>
2017-01-19 01:18:10,357:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/directory. args: (), kwargs: {}
2017-01-19 01:18:10,360:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2017-01-19 01:18:10,578:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 200 352
2017-01-19 01:18:10,579:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '352', 'Expires': 'Thu, 19 Jan 2017 01:18:10 GMT', 'Boulder-Request-Id': '6tyz_Rgexxdr9ekretwkFNe6Xkwv9Spc81ySNQ55OGg', 'Strict-Transport-Security': 'max-age=604800', 'Server': 'n$
2017-01-19 01:18:10,579:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '352', 'Expires': 'Thu, 19 Jan 2017 01:18:10 GMT', 'Boulder-Request-Id': '6tyz_Rgexxdr9ekretwkFNe6Xkwv9Spc81ySNQ55OGg', 'Strict-Transport-Security': 'max-age=60480$
2017-01-19 01:18:10,580:INFO:certbot.main:Obtaining a new certificate
2017-01-19 01:18:10,589:DEBUG:root:Requesting fresh nonce
2017-01-19 01:18:10,590:DEBUG:root:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {}
2017-01-19 01:18:10,701:DEBUG:requests.packages.urllib3.connectionpool:"HEAD /acme/new-authz HTTP/1.1" 405 0
2017-01-19 01:18:10,702:DEBUG:root:Received <Response [405]>. Headers: {'Content-Length': '91', 'Pragma': 'no-cache', 'Boulder-Request-Id': 'engRvihRu0L_QTvNY2btlZwFrH__Nuw3ErA6jbuz2nc', 'Expires': 'Thu, 19 Jan 2017 01:18:10 GMT', 'Server': 'nginx', 'Connection': 'keep$
2017-01-19 01:18:10,702:DEBUG:acme.client:Storing nonce: '\xa5Z\x08\x7f\xa1<\xac\x95z\xac {\xd6\xe4\xee\x17\\5\x02\x9d\xb6{\x07\xd8e\x9b\xc0\xc5\x82\x15\xc2K'
2017-01-19 01:18:10,703:DEBUG:acme.jose.json_util:Omitted empty fields: expires=None, status=None, challenges=None, combinations=None
2017-01-19 01:18:10,703:DEBUG:acme.client:Serialized JSON: {"identifier": {"type": "dns", "value": "<domain_name>"}, "resource": "new-authz"}
2017-01-19 01:18:10,704:DEBUG:acme.jose.json_util:Omitted empty fields: jwk=None, x5c=(), crit=(), kid=None, jku=None, typ=None, x5u=None, cty=None, x5tS256=None, x5t=None, alg=None
2017-01-19 01:18:10,706:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), nonce=None, kid=None, jku=None, typ=None, x5u=None, cty=None, x5tS256=None, x5t=None
2017-01-19 01:18:10,706:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "u_O-T2nYY3FJT2WCfDXDnJxRi3XjBI7vPe20iykX8xDuTW57OiRvY6I-ZpsB$
2017-01-19 01:18:10,866:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/new-authz HTTP/1.1" 201 1003
2017-01-19 01:18:10,867:DEBUG:root:Received <Response [201]>. Headers: {'Content-Length': '1003', 'Expires': 'Thu, 19 Jan 2017 01:18:10 GMT', 'Boulder-Request-Id': 'IvLotzhpwwJWKGS-VUk2V1Pw1V0cODPig2g1ThVbq1s', 'Strict-Transport-Security': 'max-age=604800', 'Server': '$
2017-01-19 01:18:10,867:DEBUG:acme.client:Storing nonce: '\x05\xcc\x05\xa9(T*PU\x8f\x7f\xa1\x87Z\x8f\xf63\xdf\xf6}\xf2\xf6j\xea@6P\xa2\xf9zY\xb6'
2017-01-19 01:18:10,867:DEBUG:acme.client:Received response <Response [201]> (headers: {'Content-Length': '1003', 'Expires': 'Thu, 19 Jan 2017 01:18:10 GMT', 'Boulder-Request-Id': 'IvLotzhpwwJWKGS-VUk2V1Pw1V0cODPig2g1ThVbq1s', 'Strict-Transport-Security': 'max-age=6048$
2017-01-19 01:18:10,868:INFO:certbot.auth_handler:Performing the following challenges:
2017-01-19 01:18:10,879:INFO:certbot.auth_handler:http-01 challenge for <domain_name>
2017-01-19 01:18:10,889:INFO:certbot.plugins.webroot:Using the webroot path /usr/local/www for all unmatched domains.
2017-01-19 01:18:10,898:DEBUG:certbot.plugins.webroot:Creating root challenges validation dir at /usr/local/www/.well-known/acme-challenge
2017-01-19 01:18:10,903:DEBUG:certbot.plugins.webroot:Attempting to save validation to /usr/local/www/.well-known/acme-challenge/u-K_gu9IT___3Bd0_6w9vvAgjdI2ozbunmNoMeMUI-8
2017-01-19 01:18:10,903:INFO:certbot.auth_handler:Waiting for verification...
2017-01-19 01:18:10,949:DEBUG:acme.client:Serialized JSON: {"keyAuthorization": "u-K_gu9IT___3Bd0_6w9vvAgjdI2ozbunmNoMeMUI-8.89yJ2FJbbKxI3ee8rwC_KoT6um5OCz9i-kw0hz7ATDQ", "type": "http-01", "resource": "challenge"}
2017-01-19 01:18:10,951:DEBUG:acme.jose.json_util:Omitted empty fields: jwk=None, x5c=(), crit=(), kid=None, jku=None, typ=None, x5u=None, cty=None, x5tS256=None, x5t=None, alg=None
2017-01-19 01:18:10,953:DEBUG:acme.jose.json_util:Omitted empty fields: x5c=(), crit=(), nonce=None, kid=None, jku=None, typ=None, x5u=None, cty=None, x5tS256=None, x5t=None
2017-01-19 01:18:10,953:DEBUG:root:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/Q-ztqYd7P__Ka8OWCSqU4iLy4dBbB9-KCMV2bCKTT0U/516469775. args: (), kwargs: {'data': '{"header": {"alg": "RS256", "jwk": {"e": "AQAB", "kty": "RSA", "n": "u_O-T2$
2017-01-19 01:18:11,135:DEBUG:requests.packages.urllib3.connectionpool:"POST /acme/challenge/Q-ztqYd7P__Ka8OWCSqU4iLy4dBbB9-KCMV2bCKTT0U/516469775 HTTP/1.1" 202 335
2017-01-19 01:18:11,136:DEBUG:root:Received <Response [202]>. Headers: {'Content-Length': '335', 'Boulder-Request-Id': 'AUDKZ1QlXgkoxy9GkDp7XGE-elZ1_c3MX_HpcUYTtR0', 'Expires': 'Thu, 19 Jan 2017 01:18:11 GMT', 'Server': 'nginx', 'Cache-Control': 'max-age=0, no-cache, n$
2017-01-19 01:18:11,136:DEBUG:acme.client:Storing nonce: "\xbb\x14Ve'\xba\xf8O\x9b\x18\x16\x10\xa4\x17\xce(2\x04\xaa\x01\xe4\xce\xde\xc2\xeaS\xb1\x8b\x18\xccD)"
2017-01-19 01:18:11,137:DEBUG:acme.client:Received response <Response [202]> (headers: {'Content-Length': '335', 'Boulder-Request-Id': 'AUDKZ1QlXgkoxy9GkDp7XGE-elZ1_c3MX_HpcUYTtR0', 'Expires': 'Thu, 19 Jan 2017 01:18:11 GMT', 'Server': 'nginx', 'Cache-Control': 'max-ag$
2017-01-19 01:18:14,138:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/Q-ztqYd7P__Ka8OWCSqU4iLy4dBbB9-KCMV2bCKTT0U. args: (), kwargs: {}
2017-01-19 01:18:14,222:DEBUG:requests.packages.urllib3.connectionpool:"GET /acme/authz/Q-ztqYd7P__Ka8OWCSqU4iLy4dBbB9-KCMV2bCKTT0U HTTP/1.1" 200 1110
2017-01-19 01:18:14,223:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '1110', 'Expires': 'Thu, 19 Jan 2017 01:18:14 GMT', 'Boulder-Request-Id': '0wBXlAyZKid9fI9gC98I1H0pK7btMAbsNJu-kz_8BMo', 'Strict-Transport-Security': 'max-age=604800', 'Server': '$
2017-01-19 01:18:14,223:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '1110', 'Expires': 'Thu, 19 Jan 2017 01:18:14 GMT', 'Boulder-Request-Id': '0wBXlAyZKid9fI9gC98I1H0pK7btMAbsNJu-kz_8BMo', 'Strict-Transport-Security': 'max-age=6048$
2017-01-19 01:18:17,239:DEBUG:root:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/Q-ztqYd7P__Ka8OWCSqU4iLy4dBbB9-KCMV2bCKTT0U. args: (), kwargs: {}
2017-01-19 01:18:17,331:DEBUG:requests.packages.urllib3.connectionpool:"GET /acme/authz/Q-ztqYd7P__Ka8OWCSqU4iLy4dBbB9-KCMV2bCKTT0U HTTP/1.1" 200 1623
2017-01-19 01:18:17,331:DEBUG:root:Received <Response [200]>. Headers: {'Content-Length': '1623', 'Expires': 'Thu, 19 Jan 2017 01:18:17 GMT', 'Boulder-Request-Id': 'D7a9qrTVR53W2qxVWsVdlqrDVIleCDsHFqEn1gKIcQQ', 'Strict-Transport-Security': 'max-age=604800', 'Server': '$
2017-01-19 01:18:17,332:DEBUG:acme.client:Received response <Response [200]> (headers: {'Content-Length': '1623', 'Expires': 'Thu, 19 Jan 2017 01:18:17 GMT', 'Boulder-Request-Id': 'D7a9qrTVR53W2qxVWsVdlqrDVIleCDsHFqEn1gKIcQQ', 'Strict-Transport-Security': 'max-age=6048$
2017-01-19 01:18:17,333:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server:
Domain: <domain_name>
Type: connection
Detail: Could not connect to <domain_name>
To fix these errors, please make sure that your domain name was entered correctly and the DNS A record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are prevent$
2017-01-19 01:18:17,333:INFO:certbot.auth_handler:Cleaning up challenges
2017-01-19 01:18:17,343:DEBUG:certbot.plugins.webroot:Removing /usr/local/www/.well-known/acme-challenge/u-K_gu9IT___3Bd0_6w9vvAgjdI2ozbunmNoMeMUI-8
2017-01-19 01:18:17,343:DEBUG:certbot.plugins.webroot:All challenges cleaned up, removing /usr/local/www/.well-known/acme-challenge
2017-01-19 01:18:17,344:DEBUG:certbot.main:Exiting abnormally:
Traceback (most recent call last):
File "/usr/local/bin/certbot", line 11, in <module>
load_entry_point('certbot==0.9.3', 'console_scripts', 'certbot')()
File "/usr/local/lib/python2.7/site-packages/certbot/main.py", line 776, in main
return config.func(config, plugins)
File "/usr/local/lib/python2.7/site-packages/certbot/main.py", line 563, in obtain_cert
action, _ = _auth_from_domains(le_client, config, domains, lineage)
File "/usr/local/lib/python2.7/site-packages/certbot/main.py", line 100, in _auth_from_domains
lineage = le_client.obtain_and_enroll_certificate(domains)
File "/usr/local/lib/python2.7/site-packages/certbot/client.py", line 281, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File "/usr/local/lib/python2.7/site-packages/certbot/client.py", line 253, in obtain_certificate
self.config.allow_subset_of_names)
File "/usr/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 78, in get_authorizations
self._respond(resp, best_effort)
File "/usr/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 135, in _respond
self._poll_challenges(chall_update, best_effort)
File "/usr/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 199, in _poll_challenges
raise errors.FailedChallenges(all_failed_achalls)
FailedChallenges: Failed authorization procedure. <domain_name> (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to <domain_name>
That's a good idea. It seems that both are working on port 443 not sure why.