Forum OpenACS Q&A: Re: Trying to get https working with letsencrypt certs...

This looks indeed strange. Just now, i have refreshed the certificate on via letsencrypt,tcl, and everything went as expected (see log below). Maybe, your were unlucky, and the service was down at this time. One can check the availability of the API with

Concerning the error message: The only place in NaviServer to return a "can't' connect" error message is the following statement:

        Ns_TclPrintfResult(interp, "can't connect to %s port %hu: %s",
                           host, portNr,
                           (Tcl_GetErrno() != 0) ?  Tcl_PosixError(interp) : "reason unknown");
You see, it gets its error information from Tcl. so far, i had no indication that this is unreliable.

Output from letsencrypt.tcl:

Obtaining a certificate from Let's Encrypt using the Production API:

Let's Encrypt URLs:

Reuse existing account registration at Let's Encrypt

Authorizing account for domain returned HTTP status 201
... getting HTTP challenge... returned HTTP status 202
... validating the challenge... status: pending
... retry after one second... status: pending
... retry after one second... status: valid