
Failed to validate ownership of domainName 'barbarosa.ge'. Reason: urn:ietf:params:acme:error:connection: Timeout during connect (likely firewall problem), Code = BadRequest


I’m getting the error:
Failed to validate ownership of domainName 'barbarosa.ge'. Reason: urn:ietf:params:acme:error:connection: Timeout during connect (likely firewall problem), Code = BadRequest #208

Here’s the docker command I am issuing on my Debian 10 (Linode) server with its output:


root@li1418-221:/docker/barbarosa# docker run -p 80:80 -p 443:443 -e "ASPNETCORE_ENVIRONMENT=Production" -e ASPNETCORE_URLS="http://+;https://+" -e ASPNETCORE_HTTPS_PORT=443   --mount type=bind,source=/docker/barbarosa/root/.aspnet,target=/root/.aspnet   --mount type=bind,source=/docker/barbarosa/x509stores/,target=/root/.dotnet/corefx/cryptography/x509stores/   registry.gitlab.com/appifysheets/mrda1/barbarosa
trce: LettuceEncrypt.Internal.AcmeCertificateLoader[0]
      ACME state transition: moving to ServerStartupState
trce: LettuceEncrypt.Internal.AcmeCertificateLoader[0]
      ACME state transition: moving to BeginCertificateCreationState
trce: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Looking for account information in /app/accounts/acme-v02.api.letsencrypt.org/directory
dbug: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Could not find account information in /app/accounts/acme-v02.api.letsencrypt.org/directory
info: LettuceEncrypt.Internal.AcmeClient[0]
      Using certificate authority https://acme-v02.api.letsencrypt.org/directory
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: FetchTOS
trce: LettuceEncrypt.Internal.TermsOfServiceChecker[0]
      Terms of service has been accepted per configuration options
info: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Creating new account for petre.chitashvili@appifysheets.com
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: NewAccount
info: Microsoft.Hosting.Lifetime[0]
      Now listening on: http://[::]:80
info: Microsoft.Hosting.Lifetime[0]
      Now listening on: https://[::]:443
info: Microsoft.Hosting.Lifetime[0]
      Application started. Press Ctrl+C to shut down.
info: Microsoft.Hosting.Lifetime[0]
      Hosting environment: Production
info: Microsoft.Hosting.Lifetime[0]
      Content root path: /app
trce: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Saving account information to /app/accounts/acme-v02.api.letsencrypt.org/directory/133783041.json
dbug: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Saved account information to /app/accounts/acme-v02.api.letsencrypt.org/directory/133783041.json
info: LettuceEncrypt.Internal.AcmeStates.ServerStartupState[0]
      Using account 133783041
info: LettuceEncrypt.Internal.AcmeStates.ServerStartupState[0]
      Creating certificate for barbarosa.ge
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: FetchOrderList
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: FetchOrderDetails, (null)
dbug: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Creating new order for a certificate
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: NewOrder
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: FetchAuthorizations, https://acme-v02.api.letsencrypt.org/acme/order/133783041/11610560831
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: FetchAuthorizationDetails, https://acme-v02.api.letsencrypt.org/acme/authz-v3/15470041821
dbug: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Requesting authorization to create certificate for barbarosa.ge
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: CreateChallenge, https://acme-v02.api.letsencrypt.org/acme/authz-v3/15470041821
trce: LettuceEncrypt.Internal.TlsAlpnChallengeResponder[0]
      Creating ALPN self-signed cert for barbarosa.ge and key authz 6DJJu3aZyAAdhqJrWtPT8vr0ZETjlVgqQcae2BOGUac.pUyROTeskdFSQ9BhUgnVjqmB1ypye70oAlogWhjFS3g
trce: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Waiting for server to start accepting HTTP requests
trce: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Requesting server to validate TLS/ALPN challenge
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: ValidateChallenge, https://acme-v02.api.letsencrypt.org/acme/chall-v3/15470041821/utdUPA
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: FetchAuthorizationDetails, https://acme-v02.api.letsencrypt.org/acme/authz-v3/15470041821
trce: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      ACMEv2 action: GetAuthorization
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: FetchAuthorizationDetails, https://acme-v02.api.letsencrypt.org/acme/authz-v3/15470041821
trce: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      ACMEv2 action: GetAuthorization
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: FetchAuthorizationDetails, https://acme-v02.api.letsencrypt.org/acme/authz-v3/15470041821
trce: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      ACMEv2 action: GetAuthorization
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: FetchAuthorizationDetails, https://acme-v02.api.letsencrypt.org/acme/authz-v3/15470041821
trce: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      ACMEv2 action: GetAuthorization
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: FetchAuthorizationDetails, https://acme-v02.api.letsencrypt.org/acme/authz-v3/15470041821
trce: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      ACMEv2 action: GetAuthorization
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: FetchAuthorizationDetails, https://acme-v02.api.letsencrypt.org/acme/authz-v3/15470041821
trce: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      ACMEv2 action: GetAuthorization
fail: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Failed to validate ownership of domainName 'barbarosa.ge'. Reason: urn:ietf:params:acme:error:connection: Timeout during connect (likely firewall problem), Code = BadRequest
trce: LettuceEncrypt.Internal.TlsAlpnChallengeResponder[0]
      Clearing ALPN cert for barbarosa.ge
dbug: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Validation with TlsAlpn01DomainValidator failed with error: Failed to validate ownership of domainName 'barbarosa.ge'
      System.InvalidOperationException: Failed to validate ownership of domainName 'barbarosa.ge'
         at LettuceEncrypt.Internal.DomainOwnershipValidator.WaitForChallengeResultAsync(IAuthorizationContext authorizationContext, CancellationToken cancellationToken)
         at LettuceEncrypt.Internal.TlsAlpn01DomainValidator.ValidateOwnershipAsync(IAuthorizationContext authzContext, CancellationToken cancellationToken)
         at LettuceEncrypt.Internal.AcmeCertificateFactory.ValidateDomainOwnershipAsync(IAuthorizationContext authorizationContext, CancellationToken cancellationToken)
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: CreateChallenge, https://acme-v02.api.letsencrypt.org/acme/authz-v3/15470041821
dbug: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Validation with Http01DomainValidator failed with error: Did not receive challenge information for challenge type http-01
      System.InvalidOperationException: Did not receive challenge information for challenge type http-01
         at LettuceEncrypt.Internal.Http01DomainValidator.PrepareHttpChallengeResponseAsync(IAuthorizationContext authorizationContext, CancellationToken cancellationToken)
         at LettuceEncrypt.Internal.Http01DomainValidator.ValidateOwnershipAsync(IAuthorizationContext authzContext, CancellationToken cancellationToken)
         at LettuceEncrypt.Internal.AcmeCertificateFactory.ValidateDomainOwnershipAsync(IAuthorizationContext authorizationContext, CancellationToken cancellationToken)
fail: LettuceEncrypt.Internal.AcmeStates.ServerStartupState[0]
      Failed to automatically create a certificate for barbarosa.ge
      System.InvalidOperationException: Failed to validate ownership of domainName 'barbarosa.ge'
         at LettuceEncrypt.Internal.AcmeCertificateFactory.ValidateDomainOwnershipAsync(IAuthorizationContext authorizationContext, CancellationToken cancellationToken)
         at LettuceEncrypt.Internal.AcmeCertificateFactory.CreateCertificateAsync(CancellationToken cancellationToken)
         at LettuceEncrypt.Internal.AcmeStates.BeginCertificateCreationState.MoveNextAsync(CancellationToken cancellationToken)
fail: LettuceEncrypt.Internal.AcmeCertificateLoader[0]
      ACME state machine encountered unhandled error
      System.InvalidOperationException: Failed to validate ownership of domainName 'barbarosa.ge'
         at LettuceEncrypt.Internal.AcmeCertificateFactory.ValidateDomainOwnershipAsync(IAuthorizationContext authorizationContext, CancellationToken cancellationToken)
         at LettuceEncrypt.Internal.AcmeCertificateFactory.CreateCertificateAsync(CancellationToken cancellationToken)
         at LettuceEncrypt.Internal.AcmeStates.BeginCertificateCreationState.MoveNextAsync(CancellationToken cancellationToken)
         at LettuceEncrypt.Internal.AcmeCertificateLoader.ExecuteAsync(CancellationToken stoppingToken)

Startup.cs adds to ConfigureServices:

services.AddLettuceEncrypt();

Program.cs:

public static IHostBuilder CreateHostBuilder(string[] args) =>
    Host.CreateDefaultBuilder(args)
        .ConfigureWebHostDefaults(webBuilder =>
        {
            webBuilder.UseStartup<Startup>();

            {
                webBuilder.UseKestrel(k =>
                {
                    var appServices = k.ApplicationServices;
                    // Applies to every HTTPS endpoint: clients must present a certificate,
                    // and LettuceEncrypt supplies the server certificate.
                    k.ConfigureHttpsDefaults(h =>
                    {
                        h.ClientCertificateMode = ClientCertificateMode.RequireCertificate;
                        h.UseLettuceEncrypt(appServices);
                    });
                });
            }
        });

appsettings.json:

{
  "LettuceEncrypt": {
    "AcceptTermsOfService": true,
    "DomainNames": [ "barbarosa.ge" ],
    "EmailAddress": "petre.chitashvili@appifysheets.com"
  }
}
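
Added example, not part of the original issue or of LettuceEncrypt: a small Python triage script for the console log above. It groups each `level: Category[id]` header with its indented message and pulls out the ACME problem type reported by the CA plus the error recorded for each validator that was tried. `SAMPLE_LOG` is a trimmed copy of lines from the log in this issue; the function names are hypothetical.

```python
import re

# Constructed sample: lines copied from the log in the issue above, trimmed.
SAMPLE_LOG = """\
trce: LettuceEncrypt.Internal.AcmeClient[0]
      ACMEv2 action: ValidateChallenge, https://acme-v02.api.letsencrypt.org/acme/chall-v3/15470041821/utdUPA
fail: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Failed to validate ownership of domainName 'barbarosa.ge'. Reason: urn:ietf:params:acme:error:connection: Timeout during connect (likely firewall problem), Code = BadRequest
dbug: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Validation with TlsAlpn01DomainValidator failed with error: Failed to validate ownership of domainName 'barbarosa.ge'
      System.InvalidOperationException: Failed to validate ownership of domainName 'barbarosa.ge'
dbug: LettuceEncrypt.Internal.AcmeCertificateFactory[0]
      Validation with Http01DomainValidator failed with error: Did not receive challenge information for challenge type http-01
"""

HEADER = re.compile(r"^(trce|dbug|info|warn|fail|crit): (\S+)\[(\d+)\]$")
ACME_ERR = re.compile(r"Reason: (urn:ietf:params:acme:error:\w+): (.*), Code = (\w+)")
VALIDATOR = re.compile(r"Validation with (\w+) failed with error: (.*)")

def parse_entries(text):
    """Group each 'level: Category[id]' header with its indented message lines."""
    entries = []
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            entries.append({"level": m.group(1), "category": m.group(2), "lines": []})
        elif entries and line.startswith(" "):
            entries[-1]["lines"].append(line.strip())
    return entries

def summarize(text):
    """Return the ACME problem reported by the CA and the error of each validator tried."""
    acme, validators = None, {}
    for e in parse_entries(text):
        if not e["lines"]:
            continue
        first = e["lines"][0]
        m = ACME_ERR.search(first)
        if m and e["level"] == "fail":
            acme = {"type": m.group(1), "detail": m.group(2), "code": m.group(3)}
        m = VALIDATOR.match(first)
        if m:
            validators[m.group(1)] = m.group(2)
    return {"acme_error": acme, "validators": validators}

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

On this log the summary separates the two failures: the TLS-ALPN-01 attempt ended with the CA's `connection` problem, while the HTTP-01 attempt failed locally before any challenge was served.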

Issue Analytics

  • State: closed
  • Created 2 years ago
  • Comments: 5 (2 by maintainers)

Top GitHub Comments

1 reaction
petre-c commented, Jul 27, 2021

Oh, right… I remember seeing that but chose to ignore it for no other reason but because I’m a fool 🙂

Thank you again, Nate.

0 reactions
natemcmaster commented, Jul 26, 2021

Good to know. I think the part of the sample that you might have missed is https://github.com/natemcmaster/LettuceEncrypt/blob/cd68f74586f2aba4dce1d25db4762de1457ee65f/samples/Web/Program.cs#L25-L27

Glad you figured it out.
