Let's Encrypt Access URL https://domain.fbx.one failed

FreedomBox connection: plugged into router
FreedomBox version: 23.21

I suddenly disconnected from Gajim and am unable to reconnect. I restarted Gajim to be sure it wasn’t the problem, but I was unable to connect to my XMPP server. I ran Diagnostics in FreedomBox and found this error in Let’s Encrypt. It is the only error that Diagnostics returned:

Access URL https://[domain].fbx.one failed

I am able to access my FreedomBox over Tor with its .onion address. Its normal address shows ‘Timed Out’ and ‘Problem loading page’

I had not changed anything about my FreedomBox settings before the sudden disconnect. The Dynamic DNS, Configure, and Name Service tabs all remain unchanged. Under the Dynamic DNS tab, it shows ‘Success’ next to the domain.

Under the Let’s Encrypt tab, the certificate shows no sign of error. I have not touched any ports whatsoever from the last known working configuration.

Here are the things I have tried:
-Update to FreedomBox 24.1. Diagnostics still shows error.
-Press the Re-run setup button next to Let’s Encrypt in Diagnostics. Shows ‘App updated’ but situation remains the same when I re-run Diagnostics.
-Revoke the certificate and Re-obtain. It shows a new certificate, but Diagnostics still shows error.
-Delete the certificate and Re-obtain. It shows a new certificate, but Diagnostics still shows error.
-Rollback to a known working snapshot date. Diagnostics still shows error.
-Run ‘dig’ command. It returns the FreedomBox’s IP address correctly.

I also looked at this thread: Cannot access Domain URL for Let's Encrypt - #5 by mcr314

This user receives an error that I do not. Mine behaves normally, as if it were working.

I would appreciate any advice.

Thank you.

Besides the error in the diagnostics, do you have any functional issue?

I am asking because I have a freedombox (Pioneer, I have two running) with the same diagnostic failed (but I use a domain name I registered, not domain.fbx.one) and the same button to re-run setup (which I did) but the URL that is supposed to not be accessible works perfectly and I don’t notice any functional problem.

So I am wondering whether there is really a problem.

Thank you for the reply, Avron.

The problem is that I am unable to access my XMPP server. I have been unable to do so for about a week. Aside from the Let’s Encrypt error, I have no indication that anything else is a problem, as ejabberd does not show any error.

I believe you are also an XMPP user, so if you have had the problem before, I would appreciate any advice.

To make sure I understand correctly: you cannot access https://[domain].fbx.one from an external network, where [domain] is the domain supposed to be accessible?

You could try https://compliance.conversations.im in case it gives any useful piece of information. I guess the things to (re-)check are port forwarding on your ISP and/or personal router and the necessary DNS entries (but I don’t know how it works with [domain].fbx.one). I occasionnally make mistakes on this. Besides, with my ISP, I had issues with IPv6 so I disabled it (I know that this is not a long term solution).

My ejabberd runs on a Pioneer behind a router connected to an openvpn server that provides me unfiltered internet connectivity with a fixed IPv4 address and IPv6 prefix (I am not too familiar with IPv6), so it is protected from the vagaries of my ISP.

EDIT: I use an XMPP account on my Pioneer to communicate with a group of XMPP enthusiasts but for other people, I still use an account hosted by conversations.im (but with a domain I registered), which avoids getting complains when my Pioneer is not working, and some people taking this as an excuse to stop using XMPP. I may eventually host that account too.

That’s correct. I am unable to reach the FreedomBox from an external network using its clearnet address, where it should normally be accessible. I will double-check the ports and GnuDIP in the event something happened. Thank you for your help.