2

I'm trying the simple greenlock-express example and I've tried many many times but it won't work. I followed the tutorial many times. I created the greenlock.d/config.json file and it works because I see the domain on the output.

When I launch I see:

webhook_test | Listening on 0.0.0.0:80 for ACME challenges, and redirecting to HTTPS
webhook_test | Listening on 0.0.0.0:443 for secure traffic
webhook_test | Ready to Serve:
webhook_test |   ewkhrwk.xyz

However when I access it with postman, I get

webhook_test | ACME Directory URL: https://acme-v02.api.letsencrypt.org/directory
webhook_test | 
webhook_test | By using this software you (me@email.com) are agreeing to the following:
webhook_test | ACME Subscriber Agreement: https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
webhook_test | Greenlock/ACME.js Terms of Use: https://rootprojects.org/legal/#terms
webhook_test |

and it stays like that for minutes. Previously when I used greenlock months ago it'd simply generate the certificates in the first access.

After some minutes I get

webhook_test | Error cert_issue:
webhook_test | connect ETIMEDOUT 165.232.74.82:80
webhook_test | code: ETIMEDOUT
webhook_test | Error: connect ETIMEDOUT 165.232.74.82:80
webhook_test |     at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1144:16)
webhook_test | Error cert_issue:
webhook_test | connect ETIMEDOUT 165.232.74.82:80
webhook_test | code: ETIMEDOUT
webhook_test | Error: connect ETIMEDOUT 165.232.74.82:80
webhook_test |     at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1144:16)
webhook_test | Error cert_issue:
webhook_test | connect ETIMEDOUT 165.232.74.82:80
webhook_test | code: ETIMEDOUT
webhook_test | Error: connect ETIMEDOUT 165.232.74.82:80
webhook_test |     at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1144:16)
webhook_test | set greenlockOptions.notify to override the default logger
Guerlando OCs
  • 1,886
  • 9
  • 61
  • 150
  • This is also the case for me. The server opens normally, but when I connect, I get such an error. – Sh031224 Aug 15 '20 at 06:33
  • @Sh031224 Are you using digital ocean? – Guerlando OCs Aug 15 '20 at 20:28
  • Some problem here, it worked fine some months ago. Now it just throws me this error and I can't get my server online anymore... (I didn't noticed this until the certificate got old yesterday.) – Zpeed Tube Feb 09 '21 at 18:37

1 Answers1

0

I've encountered the exact same error when attempting to setup a project that uses greenlock. This is happening because apparently greenlock attempts to access http://example.com from the machine which sets up the certificate.

Accessing http://example.com from the internet would result in a reply which looked like this

curl -i http://example.com
HTTP/1.1 301 Moved Permanently
Location: https://example.com/
Content-Type: text/html; charset=utf-8
Date: Thu, 14 Jul 2022 13:39:01 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 215
[...]

However the request was timing out when attempting to access http://example.com from the machine on which I was trying to setup the certificate using greenlock. This was happening because of a network issue, accessing example.com from the internal network won't actually work. How I fixed it was by adding '127.0.0.1 example.com' in the /etc/hosts in order to resolve example.com to the localhost.

RaduNico
  • 1