2017-07-25 17:36:17,066:DEBUG:certbot.main:certbot version: 0.16.0 2017-07-25 17:36:17,066:DEBUG:certbot.main:Arguments: ['--apache'] 2017-07-25 17:36:17,066:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2017-07-25 17:36:17,082:DEBUG:certbot.log:Root logging level set at 20 2017-07-25 17:36:17,083:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2017-07-25 17:36:17,083:DEBUG:certbot.plugins.selection:Requested authenticator apache and installer apache 2017-07-25 17:36:17,154:DEBUG:certbot_apache.configurator:Apache version is 2.2.15 2017-07-25 17:36:17,379:DEBUG:certbot.plugins.selection:Single candidate plugin: * apache Description: Apache Web Server plugin - Beta Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: apache = certbot_apache.configurator:ApacheConfigurator Initialized: Prep: True 2017-07-25 17:36:17,379:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2017-07-25 17:36:17,384:DEBUG:certbot.main:Picked account: )>)), uri=u'https://acme-v01.api.letsencrypt.org/acme/reg/19165005', new_authzr_uri=u'https://acme-v01.api.letsencrypt.org/acme/new-authz', terms_of_service=u'https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf'), 90b890fc9d56398583a601d339c329d4, Meta(creation_host=u'centos-1gb-V6-nyc1-01', creation_dt=datetime.datetime(2017, 7, 25, 14, 48, 19, tzinfo=)))> 2017-07-25 17:36:17,386:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/directory. 2017-07-25 17:36:17,391:DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org 2017-07-25 17:36:17,553:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 352 2017-07-25 17:36:17,554:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Content-Type: application/json Content-Length: 352 Boulder-Request-Id: GadzhPQtT7CCJS2DWUmalKRjx6Y1qUomOil065OpgcI Replay-Nonce: XVispZB1CuDZrg1Sst_auyItLjZN0WkDi7xHuX6o-sk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Expires: Tue, 25 Jul 2017 17:36:17 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 25 Jul 2017 17:36:17 GMT Connection: keep-alive { "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change", "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz", "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert", "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg", "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert" } 2017-07-25 17:36:20,787:INFO:certbot.main:Obtaining a new certificate 2017-07-25 17:36:20,787:DEBUG:acme.client:Requesting fresh nonce 2017-07-25 17:36:20,788:DEBUG:acme.client:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz. 2017-07-25 17:36:20,860:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "HEAD /acme/new-authz HTTP/1.1" 405 0 2017-07-25 17:36:20,861:DEBUG:acme.client:Received response: HTTP 405 Server: nginx Content-Type: application/problem+json Content-Length: 91 Allow: POST Boulder-Request-Id: TPVfgjCyMsc6qRkx7KUf0m3v56HfTuuQ2aKvHJSCnpY Replay-Nonce: -AXfMY8fKKkToajJ_fcWUCBuizgBcm-fhlWsWW-HMHw Expires: Tue, 25 Jul 2017 17:36:21 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 25 Jul 2017 17:36:21 GMT Connection: keep-alive 2017-07-25 17:36:20,864:DEBUG:acme.client:Storing nonce: -AXfMY8fKKkToajJ_fcWUCBuizgBcm-fhlWsWW-HMHw 2017-07-25 17:36:20,865:DEBUG:acme.client:JWS payload: { "identifier": { "type": "dns", "value": "prueba.tboxplanet.com" }, "resource": "new-authz" } 2017-07-25 17:36:20,872:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz: { "protected": "eyJub25jZSI6ICItQVhmTVk4ZktLa1RvYWpKX2ZjV1VDQnVpemdCY20tZmhsV3NXVy1ITUh3IiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidXlLLXduTTFONzdkdVhPU1RlQzNkdk94eUdwMmswYmVzS1dtQ3E1RnFiN0tkLVgyd05ndEVfdHpoT3d2R003T29zNFdfVnUtUkdzczZ1dy13aExBcHNIcl85X0I4TW9nYkdVdjV5YlhqVVRVVUlRZUczMC05SlNkb2l0MkFOVkpmWVdKdzBSSzNtQS1uTzNFd1llS3k0clZjTDRvb1o2S1NUZlFoam01VlFRendtWl9nZG1FWVFzbDNDYVVhUDlKUGRqTi1KTXJCNV9MQ0RQdFNvTUF2cjdXN0pobjJfeGxLbm1oN254c1dmZFFhSVNpREJ3VnFYdXBWdm1Hc1d5bDY5OEZCc08xdEcyOHd3RDdVRlN4WGwzb2dqaTg4UDZSNjVoQU9XYWVLQzdZVkVmel9IWnA3Njg0NldoVVV3WjBuanVGc2xEeHVRdnk4YW5ZSmFWTnhRIn19", "payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAicHJ1ZWJhLnRib3hwbGFuZXQuY29tIgogIH0sIAogICJyZXNvdXJjZSI6ICJuZXctYXV0aHoiCn0", "signature": "O_Y3LgEJimpaZQ_7kF-y_dLsb9fwWTnKd0VsT_IsGaInBTkb9XJRWfYpt4jWEEVVBofKlOzjUrbENJ_Ami11ZWZK4qcDg_bHZ-n3ZbQbd6ZLlqIRgtZa-UlHKuLmlB2SpxNc4l7K0eopx1_f97rfW7P1UDXb8RwBlTEWSUZ9KV8kiRZbIXa_yTDQ-a-V4lx3wmDZj0B8eYgj4y_Zt2QWQfpMYAOjV5KtvHomLjkmi-JCWUqiKHCbSmSkckS3qNhhzcMK_GnJR9Zlh8FjrE4MQY-oAP5ZsmZPk65teZlt5xZnhVK5jfijMOtnH2eC7RrRLrMTdT3n-1NUmimW3zqyFw" } 2017-07-25 17:36:21,238:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 1009 2017-07-25 17:36:21,240:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Content-Type: application/json Content-Length: 1009 Boulder-Request-Id: Q0GazMvpN7iCc1uWwXqkrTJHe4_1d3SU7m8EKA4np74 Boulder-Requester: 19165005 Link: ;rel="next" Location: https://acme-v01.api.letsencrypt.org/acme/authz/B1aHUs_85GmGaTr-qYfFZ26K3ApMGOiT1ll-DqmAdDA Replay-Nonce: xi4TMCIIEVaAvGRfWJpqlPSCKdNNovV-ON4uCMytmag X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Expires: Tue, 25 Jul 2017 17:36:21 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 25 Jul 2017 17:36:21 GMT Connection: keep-alive { "identifier": { "type": "dns", "value": "prueba.tboxplanet.com" }, "status": "pending", "expires": "2017-08-01T17:36:21.431236852Z", "challenges": [ { "type": "tls-sni-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/B1aHUs_85GmGaTr-qYfFZ26K3ApMGOiT1ll-DqmAdDA/1616468580", "token": "YZuBttrs6_MSo7RYI2AOxuYUqCko52ndBs93yT6mAcc" }, { "type": "http-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/B1aHUs_85GmGaTr-qYfFZ26K3ApMGOiT1ll-DqmAdDA/1616468582", "token": "WNsWN5f7kNZqNlTG3hCJXGCC9a6jdnSFUiSbI1XrWIU" }, { "type": "dns-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/B1aHUs_85GmGaTr-qYfFZ26K3ApMGOiT1ll-DqmAdDA/1616468583", "token": "P-RdhT0AhBKQdqjVOFRYZTL4Hu94spL2xtda8vuEf0w" } ], "combinations": [ [ 1 ], [ 2 ], [ 0 ] ] } 2017-07-25 17:36:21,240:DEBUG:acme.client:Storing nonce: xi4TMCIIEVaAvGRfWJpqlPSCKdNNovV-ON4uCMytmag 2017-07-25 17:36:21,242:INFO:certbot.auth_handler:Performing the following challenges: 2017-07-25 17:36:21,243:INFO:certbot.auth_handler:tls-sni-01 challenge for prueba.tboxplanet.com 2017-07-25 17:36:21,586:DEBUG:certbot_apache.tls_sni_01:Adding Include /etc/httpd/conf.d/le_tls_sni_01_cert_challenge.conf to /files/etc/httpd/conf/httpd.conf 2017-07-25 17:36:21,587:DEBUG:certbot_apache.tls_sni_01:writing a config file with text: ServerName 3ebac6aef92d93ba1981bd989f3965ab.4eedd865ea0749b3c283c4ba8e4fb50e.acme.invalid UseCanonicalName on SSLStrictSNIVHostCheck on LimitRequestBody 1048576 Include /etc/letsencrypt/options-ssl-apache.conf SSLCertificateFile /var/lib/letsencrypt/YZuBttrs6_MSo7RYI2AOxuYUqCko52ndBs93yT6mAcc.crt SSLCertificateKeyFile /var/lib/letsencrypt/YZuBttrs6_MSo7RYI2AOxuYUqCko52ndBs93yT6mAcc.pem DocumentRoot /var/lib/letsencrypt/tls_sni_01_page/ 2017-07-25 17:36:21,669:DEBUG:certbot.reverter:Creating backup of /etc/httpd/conf/httpd.conf 2017-07-25 17:36:21,823:DEBUG:certbot_apache.configurator:Setting VirtualHost at *:443 to be a name based virtual host 2017-07-25 17:36:21,823:DEBUG:certbot_apache.configurator:Setting *:443 to be NameBasedVirtualHost Directive added to None 2017-07-25 17:36:25,059:INFO:certbot.auth_handler:Waiting for verification... 2017-07-25 17:36:25,060:DEBUG:acme.client:JWS payload: { "keyAuthorization": "YZuBttrs6_MSo7RYI2AOxuYUqCko52ndBs93yT6mAcc.RzlZCKcL1B7W0x_T0PsC9Vnfl3BG7OCAzGlpjeYW1fk", "type": "tls-sni-01", "resource": "challenge" } 2017-07-25 17:36:25,068:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/B1aHUs_85GmGaTr-qYfFZ26K3ApMGOiT1ll-DqmAdDA/1616468580: { "protected": "eyJub25jZSI6ICJ4aTRUTUNJSUVWYUF2R1JmV0pwcWxQU0NLZE5Ob3ZWLU9ONHVDTXl0bWFnIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAidXlLLXduTTFONzdkdVhPU1RlQzNkdk94eUdwMmswYmVzS1dtQ3E1RnFiN0tkLVgyd05ndEVfdHpoT3d2R003T29zNFdfVnUtUkdzczZ1dy13aExBcHNIcl85X0I4TW9nYkdVdjV5YlhqVVRVVUlRZUczMC05SlNkb2l0MkFOVkpmWVdKdzBSSzNtQS1uTzNFd1llS3k0clZjTDRvb1o2S1NUZlFoam01VlFRendtWl9nZG1FWVFzbDNDYVVhUDlKUGRqTi1KTXJCNV9MQ0RQdFNvTUF2cjdXN0pobjJfeGxLbm1oN254c1dmZFFhSVNpREJ3VnFYdXBWdm1Hc1d5bDY5OEZCc08xdEcyOHd3RDdVRlN4WGwzb2dqaTg4UDZSNjVoQU9XYWVLQzdZVkVmel9IWnA3Njg0NldoVVV3WjBuanVGc2xEeHVRdnk4YW5ZSmFWTnhRIn19", "payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIlladUJ0dHJzNl9NU283UllJMkFPeHVZVXFDa281Mm5kQnM5M3lUNm1BY2MuUnpsWkNLY0wxQjdXMHhfVDBQc0M5Vm5mbDNCRzdPQ0F6R2xwamVZVzFmayIsIAogICJ0eXBlIjogInRscy1zbmktMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9", "signature": "WzWAmnK2UvR573e2h4ei7i3kTgPeVmNrfG-XfeHWhuQBEziNvb_I3Gye376EHShzKBq1rZZ11f3t4G2srWRhTBG-8LdJQg9BsllA-O31mWfRzll8aDXROeWigOsVpdWQbL-jTykeojM41l7YEvSvZs7aHCb1u7IVcI-fWB2NtO5GcvBwq5gKLgD8WxGo2Lo21lFBW1lYbRlR9WjzaeMMzHrlnbp1_d0eJ3V9PW37nOQ4YX7hLZhpeA783aWE6OTPP1wExkirPxDH2wLFl-8Oj2hjUNq-g3kD1e9uLE7lAtG8-klp4D_61PRlVlhRFaBTkdFl97hBaHT8T1URCD47lQ" } 2017-07-25 17:36:25,698:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/challenge/B1aHUs_85GmGaTr-qYfFZ26K3ApMGOiT1ll-DqmAdDA/1616468580 HTTP/1.1" 202 339 2017-07-25 17:36:25,699:DEBUG:acme.client:Received response: HTTP 202 Server: nginx Content-Type: application/json Content-Length: 339 Boulder-Request-Id: Dvil6DkL_oZhGKV9PFjtnZ6ioMFefbA3LF0pR_6o6DA Boulder-Requester: 19165005 Link: ;rel="up" Location: https://acme-v01.api.letsencrypt.org/acme/challenge/B1aHUs_85GmGaTr-qYfFZ26K3ApMGOiT1ll-DqmAdDA/1616468580 Replay-Nonce: HbUcJBOlVXrno6ovIB5UuaTM17FE8C_R9D9bCBcdx4I Expires: Tue, 25 Jul 2017 17:36:26 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 25 Jul 2017 17:36:26 GMT Connection: keep-alive { "type": "tls-sni-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/B1aHUs_85GmGaTr-qYfFZ26K3ApMGOiT1ll-DqmAdDA/1616468580", "token": "YZuBttrs6_MSo7RYI2AOxuYUqCko52ndBs93yT6mAcc", "keyAuthorization": "YZuBttrs6_MSo7RYI2AOxuYUqCko52ndBs93yT6mAcc.RzlZCKcL1B7W0x_T0PsC9Vnfl3BG7OCAzGlpjeYW1fk" } 2017-07-25 17:36:25,699:DEBUG:acme.client:Storing nonce: HbUcJBOlVXrno6ovIB5UuaTM17FE8C_R9D9bCBcdx4I 2017-07-25 17:36:28,704:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/B1aHUs_85GmGaTr-qYfFZ26K3ApMGOiT1ll-DqmAdDA. 2017-07-25 17:36:28,891:DEBUG:requests.packages.urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /acme/authz/B1aHUs_85GmGaTr-qYfFZ26K3ApMGOiT1ll-DqmAdDA HTTP/1.1" 200 1527 2017-07-25 17:36:28,893:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Content-Type: application/json Content-Length: 1527 Boulder-Request-Id: qcoXUSCFDaTNvsFS-9KFMDLIVpx3CIEmlX3OaakBTCg Link: ;rel="next" Replay-Nonce: ZRZeDWzu_fs3Mas2xmXLxhsNDSiPu1HxpyVTUFpQ4ZA X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Expires: Tue, 25 Jul 2017 17:36:29 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 25 Jul 2017 17:36:29 GMT Connection: keep-alive { "identifier": { "type": "dns", "value": "prueba.tboxplanet.com" }, "status": "invalid", "expires": "2017-08-01T17:36:21Z", "challenges": [ { "type": "tls-sni-01", "status": "invalid", "error": { "type": "urn:acme:error:connection", "detail": "Connection refused", "status": 400 }, "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/B1aHUs_85GmGaTr-qYfFZ26K3ApMGOiT1ll-DqmAdDA/1616468580", "token": "YZuBttrs6_MSo7RYI2AOxuYUqCko52ndBs93yT6mAcc", "keyAuthorization": "YZuBttrs6_MSo7RYI2AOxuYUqCko52ndBs93yT6mAcc.RzlZCKcL1B7W0x_T0PsC9Vnfl3BG7OCAzGlpjeYW1fk", "validationRecord": [ { "hostname": "prueba.tboxplanet.com", "port": "443", "addressesResolved": [ "159.203.187.73" ], "addressUsed": "159.203.187.73", "addressesTried": [] } ] }, { "type": "http-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/B1aHUs_85GmGaTr-qYfFZ26K3ApMGOiT1ll-DqmAdDA/1616468582", "token": "WNsWN5f7kNZqNlTG3hCJXGCC9a6jdnSFUiSbI1XrWIU" }, { "type": "dns-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/B1aHUs_85GmGaTr-qYfFZ26K3ApMGOiT1ll-DqmAdDA/1616468583", "token": "P-RdhT0AhBKQdqjVOFRYZTL4Hu94spL2xtda8vuEf0w" } ], "combinations": [ [ 1 ], [ 2 ], [ 0 ] ] } 2017-07-25 17:36:28,896:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: prueba.tboxplanet.com Type: connection Detail: Connection refused To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. 2017-07-25 17:36:28,897:INFO:certbot.auth_handler:Cleaning up challenges 2017-07-25 17:36:29,117:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/root/.local/share/letsencrypt/bin/letsencrypt", line 11, in sys.exit(main()) File "/root/.local/share/letsencrypt/lib/python2.6/site-packages/certbot/main.py", line 743, in main return config.func(config, plugins) File "/root/.local/share/letsencrypt/lib/python2.6/site-packages/certbot/main.py", line 598, in run certname, lineage) File "/root/.local/share/letsencrypt/lib/python2.6/site-packages/certbot/main.py", line 82, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/root/.local/share/letsencrypt/lib/python2.6/site-packages/certbot/client.py", line 356, in obtain_and_enroll_certificate certr, chain, key, _ = self.obtain_certificate(domains) File "/root/.local/share/letsencrypt/lib/python2.6/site-packages/certbot/client.py", line 317, in obtain_certificate self.config.allow_subset_of_names) File "/root/.local/share/letsencrypt/lib/python2.6/site-packages/certbot/auth_handler.py", line 81, in get_authorizations self._respond(resp, best_effort) File "/root/.local/share/letsencrypt/lib/python2.6/site-packages/certbot/auth_handler.py", line 138, in _respond self._poll_challenges(chall_update, best_effort) File "/root/.local/share/letsencrypt/lib/python2.6/site-packages/certbot/auth_handler.py", line 202, in _poll_challenges raise errors.FailedChallenges(all_failed_achalls) FailedChallenges: Failed authorization procedure. prueba.tboxplanet.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Connection refused