Hi
I have UTM 9, version 9.703-3. I wanted to create a Let'sEncrypt certificate for the WebAdmin. I went to Remote Access -> Certificate Management -> New Certificate. I chose Method: Let'sEncrypt, and in Interface, the only option was "Internal (Address)". However, I got the error "An error occurred while communicating with the Let’s Encrypt server. Automatic renewals will be tried again during the next renewal attempt. Manual renewal can be attempted again at any time."
Any ideas?
The letsencrypt.log shows
2020:07:13-10:06:02 sophos letsencrypt[18586]: I Renew certificate: running command: /var/storage/chroot-reverseproxy/usr/dehydrated/bin/dehydrated -x -f /var/storage/chroot-reverseproxy/usr/dehydrated/conf/config -c --accept-terms --domain sophos.example.com
2020:07:13-10:06:23 sophos letsencrypt[18586]: I Renew certificate: command completed with exit code 256
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: ERROR: Challenge is invalid! (returned: invalid) (result: {
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: "type": "http-01",
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: "status": "invalid",
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: "error": {
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: "type": "urn:ietf:params:acme:error:connection",
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: "detail": "Fetching sophos.example.com/.../foo_-bar: Timeout during connect (likely firewall problem)",
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: "status": 400
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: },
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: "url": "acme-v02.api.letsencrypt.org/.../u0bkFQ",
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: "token": "foo_-bar",
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: "validationRecord": [
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: {
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: "url": "sophos.example.com/.../foo_-bar",
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: "hostname": "sophos.example.com",
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: "port": "80",
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: "addressesResolved": [
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: "1.2.3.4"
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: ],
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: "addressUsed": "1.2.3.4"
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: }
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: ]
2020:07:13-10:06:23 sophos letsencrypt[18586]: E Renew certificate: COMMAND_FAILED: })
2020:07:13-10:06:24 sophos letsencrypt[18586]: I Renew certificate: sending notification WARN-603
2020:07:13-10:06:24 sophos letsencrypt[18586]: [WARN-603] Let's Encrypt certificate renewal failed accessing Let's Encrypt service
2020:07:13-10:06:24 sophos letsencrypt[18586]: I Renew certificate: execution completed (CSRs renewed: 0, failed: 1)
This thread was automatically locked due to age.
