Let's Encrypt failing challenge

Hi folks,

My Let’s Encrypt certificate has worked just fine since I first deployed the box almost a year ago, but suddenly I am getting a privacy error when trying to connect from external networks. This error is consistent across multiple networks and browsers.

On my home network the page deploys fine and boasts a valid certificate, and when I open the Let’s Encrypt app it says the cert is valid, but if I click “Re-obtain” it throws an error saying it failed a challenge.

I took a peek in the log it mentioned at /var/log/letsencrypt/letsencrypt.log but didn’t notice any giveaway clues–a few lines confirming a challenge failed and suggesting I re-check the domain name for accuracy, but the domain referenced is accurate. The IP it lists is also correct.

I checked on the site that hosts my domain (duckdns.org) and everything looks good. I have a second website hosted on a different device, also an Nginx/Let’s Encrypt setup with a duckdns.org domain, and that website is working fine.

Does anyone have experience troubleshooting these certificate errors?

Information
Debian 11 - Bullseye
FreedomBox 22.13

Configuration
Behind a router in the DMZ

Hardware
Olimex A20-OLinuXino-LIME2 board

Is that other nginx server located behind the same router? If so, try shutting it down temporarily and try again plinth’s Let’s Encrypt.

Hi @nbenedek, thanks for the tip–unfortunately, I am still getting the same “Failed to obtain certificate” error. :confused:

The second server is in a Docker container, so I logged into that box and pulled down the container and tried the certificate again. It failed, so I gave the FreedomBox a reboot (:man_shrugging:), but unfortunately that didn’t improve the situation.

What’s odd is the certificate claims to be valid on the internal FBX page, and also the browser recognizes the cert as valid when I access the URL on my local network. :thinking: