[App Server] Unable to obtain ACME certificate for domains

I’m trying to switch over to https and I’m getting the following error on startup:

phyre@Ubuntu20041LTS:~$ anvil-app-server --config-file anvil3.yaml
Found Anvil App Server JAR in package directory
Launching HTTPS Server on port 3030
Traefik dashboard: http://localhost:25155/dashboard/
Extracting Traefik to /home/phyre/.anvil-data/traefik/bin
(/home/phyre/.anvil-data/traefik/bin/anvil-traefik --log.level=info --providers.file.filename=/home/phyre/.anvil-data/traefik/traefik.yml --api=true --api.dashboard=true --entrypoints.dashboard.address=127.0.0.1:25155 --entrypoints.https.address=0.0.0.0:3030 --certificatesResolvers.letsEncrypt.acme.tlsChallenge=true --certificatesResolvers.letsEncrypt.acme.storage=.anvil-data/letsencrypt-certs.json)
INFO[0000] Configuration loaded from flags.
INFO[2020-08-24T16:06:54-05:00] Traefik version 2.2.0 built on 2020-03-25T17:32:57Z
INFO[2020-08-24T16:06:54-05:00]
Stats collection is disabled.
Help us improve Traefik by turning this feature on
More details on: https://docs.traefik.io/contributing/data-collection/
INFO[2020-08-24T16:06:54-05:00] Starting provider aggregator.ProviderAggregator {}
INFO[2020-08-24T16:06:54-05:00] Starting provider *file.Provider {“watch”:true,“filename”:"/home/phyre/.anvil-data/traefik/traefik.yml"}
INFO[2020-08-24T16:06:54-05:00] Starting provider *acme.Provider {“caServer”:“https://acme-v02.api.letsencrypt.org/directory",“storage”:".anvil-data/letsencrypt-certs.json",“keyType”:“RSA4096”,“tlsChallenge”:{},“ResolverName”:“letsEncrypt”,“store”:{},"ChallengeStore”:{}}
INFO[2020-08-24T16:06:54-05:00] Testing certificate renew… providerName=letsEncrypt.acme
INFO[2020-08-24T16:06:54-05:00] Starting provider *traefik.Provider {}
Found 0 migration(s) for (base runtime) DB.
Executing Anvil migrations…
Database currently at “2019-09-23-B-denormalise-app-sessions”
0 migration(s) to perform.
Migration complete.
[INFO anvil.core.server] HTTP Server running on port 13899
[INFO anvil.app-server.run] App URL: https://mydomain.net
[INFO anvil.app-server.dispatch] Launching built-in downlink…
[ERROR anvil.app-server.run] Failed to start mail server on port 25 - this application will not be able to receive email: java.net.BindException: Permission denied (Bind failed)
Connecting to ws://localhost:13899/_/downlink
Anvil websocket open
[INFO anvil.executors.downlink] Downlink client connected with spec {:runtime “python3-full”, :session_id “2zT6Khhhu5UZlQ6c0Ubo”}
Downlink authenticated OK
INFO[2020-08-24T16:06:59-05:00] Register… providerName=letsEncrypt.acme
ERRO[2020-08-24T16:07:08-05:00] Unable to obtain ACME certificate for domains “mydomain.net” : unable to generate a certificate for the domains [mydomain.net]: acme: Error -> One or more domains had a problem:
[mydomain.net] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Connection refused, url: providerName=letsEncrypt.acme

I don’t know where to start to solve this. Any ideas? Could this be a problem with my firewall?

I am not too sure about your issue, but this link helps me to get https:
https://certbot.eff.org/lets-encrypt/ubuntuother-apache

Thanks for the reply but I don’t know how to use this. I have another server that has a cert and uses https but I don’t know how I would use Anvil at the same time on that server.

I’m thinking that the follwing error would mean something to someone who has been through this before:

ERRO[2020-08-24T16:07:08-05:00] Unable to obtain ACME certificate for domains “mydomain.net” : unable to generate a certificate for the domains [mydomain.net]: acme: Error → One or more domains had a problem:
[mydomain.net] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Connection refused, url: providerName=letsEncrypt.acme

Why is the connection refused? What connection to where?

My bad, the provided link is for LAMP stack.
I just got the same issue like yours and firewall is the problem, here is what makes it works, not the pefect one

image697×201 14.3 KB