Issue with Let's Encrypt

Hello Cloudflare community,

For a while now, we have had an issue renewing the Let's Encrypt certificate from our IceWarp server. As you can see, we can reach the Let's Encrypt server easily:

```
pro ~]$ curl -acme-v02.api.letsencrypt.org
* About to connect() to acme-v02.api.letsencrypt.org port 443 (#0)
* Trying 172.65.32.248...
* Connected to acme-v02.api.letsencrypt.org (172.65.32.248) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=acme-v02.api.letsencrypt.org
* start date: mai 07 18:19:30 2023 GMT
* expire date: août 05 18:19:29 2023 GMT
* common name: acme-v02.api.letsencrypt.org
* issuer: CN=R3,O=Let's Encrypt,C=US
> GET / HTTP/1.1
> User-Agent: curl/7.29.0
> Host: acme-v02.api.letsencrypt.org
> Accept: */*
< HTTP/1.1 200 OK
< Server: nginx
< Date: Mon, 03 Jul 2023 22:33:31 GMT
< Content-Type: text/html
< Content-Length: 1540
< Last-Modified: Thu, 23 Jun 2022 21:26:03 GMT
< Connection: keep-alive
< ETag: "62b4da6b-604"
< X-Frame-Options: DENY
< Strict-Transport-Security: max-age=604800
```

Please find the ping results below :slight_smile:

PING 172.65.32.248 (172.65.32.248) 56(84) bytes of data.
64 bytes from 172.65.32.248: icmp_seq=1 ttl=59 time=1.53 ms
64 bytes from 172.65.32.248: icmp_seq=2 ttl=59 time=1.52 ms
64 bytes from 172.65.32.248: icmp_seq=3 ttl=59 time=1.59 ms
64 bytes from 172.65.32.248: icmp_seq=4 ttl=59 time=1.61 ms
64 bytes from 172.65.32.248: icmp_seq=5 ttl=59 time=1.41 ms
64 bytes from 172.65.32.248: icmp_seq=6 ttl=59 time=1.71 ms
64 bytes from 172.65.32.248: icmp_seq=7 ttl=59 time=1.43 ms
^C64 bytes from 172.65.32.248: icmp_seq=8 ttl=59 time=1.79 ms

--- 172.65.32.248 ping statistics ---
8 packets transmitted, 8 received, 0% packet loss, time 7309ms
rtt min/avg/max/mdev = 1.414/1.578/1.791/0.132 ms

As you can see, there is no issue from our server to the LE server in terms of communication,
but we did notice that there is an abrupt communication break between the Let's Encrypt server and IceWarp (our server) in return.

Following our deep investigation, we highly suspect that there is a block from the Cloudflare network:
1?: [LOCALHOST] pmtu 1300
1: gateway 0.197ms
1: gateway 0.249ms
2: 197.140.2.17 0.706ms
3: 172.31.2.105 1.512ms
4: 172.17.116.164 7.004ms
5: 41.110.36.3 10.990ms
6: no reply
7: no reply
8: no reply
9: no reply
10: no reply
11: no reply
12: no reply
13: no reply
14: no reply
15: no reply
16: no reply
17: no reply
18: no reply
19: no reply
20: no reply
21: no reply
22: no reply
23: no reply
24: no reply
25: no reply
26: no reply
27: no reply
28: no reply
29: no reply
30: no reply
Too many hops: pmtu 1300
Resume: pmtu 1300

The IP address 41.110.36.3 belongs to our local provider, who told us that there is only a cache of LE in Algeria, but that the firewall blocking is under Cloudflare.

Please, we need your help on this case.

