Let’s Encrypt - 'Access URL https://domain.fbx.one failed'

Support
1

Hi All,

For a while now freedombox as started to show a message after a Diagnostics check.

‘Access URL https://domain.fbx.one failed’

and hangs at ‘Let’s Encrypt’, then completes and give the option for repair, which will complete and update Let’s Encrypt certificate.

The problem this situation will happen again in a few days. I been able to get some log file info about what going on.

/var/log/letsencrypt# tail -f letsencrypt.log

2025-09-15 15:54:33,081:DEBUG:certbot._internal.log:Root logging level set at 30
2025-09-15 15:54:33,089:INFO:certbot.ocsp:Cannot extract OCSP URI from /etc/letsencrypt/live/domain.fbx.one/cert.pem
2025-09-15 15:54:33,090:DEBUG:certbot._internal.display.obj:Notifying user: Found the following matching certs:
  Certificate Name: domain.fbx.one
    Serial Number: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    Key Type: ECDSA
    Domains: domain.fbx.one
    Expiry Date: 2025-12-14 12:13:41+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/domain.fbx.one/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/domain.fbx.one/privkey.pem

Help appreciated - Regards: peter

“Debian GNU/Linux 13 (trixie) and FreedomBox version 25.11. FreedomBox is up to date.”

2

Hi All,

It been a few days now and all been OK with Let’s Encrypt but this morning the same problem is here again. I have done a screenshot to get the idea over of what going on! I been digging about to find out what going on but not luck yet !

The freebonbox is working OK so No need to run the repair option.

Regards: peter

Screenshot-FreedomBox
Screenshot-FreedomBox1230×365 32.1 KB

3

Hi All.

This afternoon I got the same Diagnostic message : Access URL https://domain.fbx.one failed

After some looking in the logs from cockpit, I found what is pasted below. It log date is after the message. I hope it can help it find what the trigger for: Access URL https://domain.fbx.one failed !! message.

Because of the line:
Invalid HTTP_HOST header: '_matrix._tcp.domain.fbx.one'. The domain name provided is not valid according to RFC 1034/1035.

Regards: peter

/usr/bin/plinth
Invalid HTTP_HOST header: '_matrix._tcp.domain.fbx.one'. The domain name provided is not valid according to RFC 1034/1035.
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/usr/lib/python3/dist-packages/django/utils/deprecation.py", line 133, in __call__
    response = self.process_request(request)
  File "/usr/lib/python3/dist-packages/django/middleware/common.py", line 48, in process_request
    host = request.get_host()
  File "/usr/lib/python3/dist-packages/django/http/request.py", line 150, in get_host
    raise DisallowedHost(msg)
django.core.exceptions.DisallowedHost: Invalid HTTP_HOST header: '_matrix._tcp.domain.fbx.one'. The domain name provided is not valid according to RFC 1034/1035.

CODE_FILE    /usr/lib/python3/dist-packages/django/utils/log.py
4

Hi @Peterc
You are not alone. Since I have my FreedomBoxes, this Let’s Encrypt failure is showing up on every run of the diagnose. It doesn’t matter if the FreedomBox has a domain accessible from the outside (I have my own domain) or if the FreedomBox has just the local freedombox domain and is only accessible from the local network. This is the only error I have and these errors do not affect my FreedomBoxes or its services in any way, as far as I can tell. So I got use to it. I know, my answer does not help in your case. Just to let you know…

5

Hi @David

Thanks for the reply ! So it not just me and like you say it dose not affect freedombox services in any way.

It just annoying that it can not be stopped !

Regards: peter