Hi All, suddenly I can't update my certs for my domains. I use tailscale also for almost 8 months. ``` [Wed 06 Aug 2025 12:24:17 PM CEST] Renewing: 'funkowall.com' [Wed 06 Aug 2025 12:24:17 PM CEST] Renewing using Le_API=https://acme-v02.api.letsencrypt.org/directory [Wed 06 Aug 2025 12:24:18 PM CEST] Using CA: https://acme-v02.api.letsencrypt.org/directory [Wed 06 Aug 2025 12:24:18 PM CEST] Using pre-generated key: /root/.acme.sh/funkowall.com/funkowall.com.key.next [Wed 06 Aug 2025 12:24:18 PM CEST] Generating next pre-generate key. [Wed 06 Aug 2025 12:24:18 PM CEST] Multi domain='DNS:funkowall.com,DNS:www.funkowall.com' [Wed 06 Aug 2025 12:24:21 PM CEST] Getting webroot for domain='funkowall.com' [Wed 06 Aug 2025 12:24:21 PM CEST] Getting webroot for domain='www.funkowall.com' [Wed 06 Aug 2025 12:24:21 PM CEST] Verifying: funkowall.com [Wed 06 Aug 2025 12:24:22 PM CEST] Pending. The CA is processing your order, please wait. (1/30) [Wed 06 Aug 2025 12:24:26 PM CEST] Pending. The CA is processing your order, please wait. (2/30) [Wed 06 Aug 2025 12:24:29 PM CEST] Pending. The CA is processing your order, please wait. (3/30) [Wed 06 Aug 2025 12:24:33 PM CEST] funkowall.com: Invalid status. Verification error details: 93.115.20.194: Fetching http://funkowall.com/.well-known/acme-challenge/eOZ 9gLKna2BYJCMdL0AuxmvvJLP7gjwscpsLeFsVffw: Timeout during connect (likely firewall problem) [Wed 06 Aug 2025 12:24:33 PM CEST] Please check log file for more details: /var/log/ispconfig/acme.log [Wed 06 Aug 2025 12:24:35 PM CEST] Error renewing funkowall.com. ``` First I thought it was a Tailscale issue, so removed that one because that was last thing I installed it. There is no difference. Same issue. I added also a clean log of this action. Can someone help me with this? Thanks already!!!!
It says it right there. It can't connect and gets a timeout, which is likely a firewall issue. Did you check that you can reach your server from external sources? And please check the Let's Encrypt FAQ pinned in the forum.
Your server is not reachable from the internet. That is the issue. You now need to figure out why, but as already mentioned this is most likely a firewall issue either a firewall at the "network level" or the firewall on the server itself. Code: # curl -Is --connect-timeout 10 -vvv funkowall.com * Host funkowall.com:80 was resolved. * IPv6: (none) * IPv4: 93.115.20.194 * Trying 93.115.20.194:80... * ipv4 connect timeout after 9979ms, move on! * Failed to connect to funkowall.com port 80 after 10002 ms: Timeout was reached * Closing connection
I changed the 'listen 80' to 'listen 8080'. Maybe because all my sites are on 443 and ... don't know why... And there was no issue, because the certs where all still valid... I changed it back and whoops.. done.. All certs are updated Sorry for the post in the first place, it wasn't needed... Thanks for all the replies !!
