Why I tried to use "bncert-tool" to install Let’s Encrypt certificates but it showed "connection refused"

Keywords: Django - Virtual Machines - How to - Secure Connections (SSL/HTTPS)

Description:

Script stderr:
2021/11/24 17:37:17 [INFO] [er1.tw, www.er1.tw] acme: Obtaining bundled SAN certificate
2021/11/24 17:37:18 [INFO] [er1.tw] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/52359571400
2021/11/24 17:37:18 [INFO] [www.er1.tw] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/52359571410
2021/11/24 17:37:18 [INFO] [er1.tw] acme: use tls-alpn-01 solver
2021/11/24 17:37:18 [INFO] [www.er1.tw] acme: use tls-alpn-01 solver
2021/11/24 17:37:18 [INFO] [er1.tw] acme: Trying to solve TLS-ALPN-01
2021/11/24 17:37:25 [INFO] [www.er1.tw] acme: Trying to solve TLS-ALPN-01
2021/11/24 17:37:29 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/52359571400
2021/11/24 17:37:30 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/52359571410
2021/11/24 17:37:30 Could not obtain certificates:
error: one or more domains had a problem:
[er1.tw] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Connection refused
[www.er1.tw] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Connection refused

Error running /opt/bitnami/letsencrypt/lego --path /opt/bitnami/letsencrypt --email="hsiaohofu@gmail.com" --accept-tos --tls --domains=er1.tw --domains=www.er1.tw run: 2021/11/24 17:37:17 [INFO] [er1.tw, www.er1.tw] acme: Obtaining bundled SAN certificate
2021/11/24 17:37:18 [INFO] [er1.tw] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/52359571400
2021/11/24 17:37:18 [INFO] [www.er1.tw] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/52359571410
2021/11/24 17:37:18 [INFO] [er1.tw] acme: use tls-alpn-01 solver
2021/11/24 17:37:18 [INFO] [www.er1.tw] acme: use tls-alpn-01 solver
2021/11/24 17:37:18 [INFO] [er1.tw] acme: Trying to solve TLS-ALPN-01
2021/11/24 17:37:25 [INFO] [www.er1.tw] acme: Trying to solve TLS-ALPN-01
2021/11/24 17:37:29 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/52359571400
2021/11/24 17:37:30 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/52359571410
2021/11/24 17:37:30 Could not obtain certificates:
error: one or more domains had a problem:
[er1.tw] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Connection refused
[www.er1.tw] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Connection refused
Executing chown -R bitnami /opt/bitnami/letsencrypt
Script exit code: 0

Script output:

I can link to my site with http://ert.tw:8080
I want to change it to https
I use bncert-tool but it failed with error message “connection refused”
Which setting should I change?

Network setting

*:8080 -> 80 *:8443 -> 443(SSH)

Hello @hfh2018,

Could you take a look at this previous case?

I hope it helps

1 Like

Thanks for your help
It is Okay after I change the setting to *:443 -> 443 and turn off the firewall of the Mac
But the above method is risky because my website has no protection.