Timeout during connect (likely firewall problem)

I'm receiving this error when I request a certificate. The test comes back fine but the cert request shoots this error:

Validation of the required challenges did not complete successfully. Fetching http://connect.website.com/.well-known/acme-challenge/asMHSqDozX7exX02qa6wWc56G-d1rVS_SMVvmtYjiDk: Timeout during connect (likely firewall problem)

It's an RDG server and I went to Windows Firewall to allow CTW through and it still doesn't work. Can someone please assist?

So you specifically need to open port 80 so that http validation will work.

You could possibly just allow certify.exe (which is the command line process that spawns during http validation) but I haven’t tried that myself.

Failing that you can investigate using DNS validation instead, which doesn’t require firewall changes.

Also note that if you are opening ports on Windows Firewall and you are using a cloud hosted VM, you also need to open the port on the cloud control panel, as most will default to blocking all ports.

I actually have Windows Firewall turned off on this machine.

Ok, so either way your current configuration is apparently not allowing external traffic to connect to port 80. Check your VM hosting network settings.

You also cannot use geographic IP filtering with Let’s Encrypt http validation because they validate from a range of different geographic locations.

I am using Hyper-V and a Cisco firewall. So I would just have to open port 80 on those?

Yes, for any port you need open you need to clear a path through the various networking layers, as nowadays by default most of them close ports and require you to open them explicitly. If you are operating your own infrastructure (not using a cloud VM provider) then you must be doing things like NAT and port forwarding.

Note that you also have the option of just using DNS validation instead, that way you don’t need any extra ports open.
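
An added example, not part of the thread and not Certify The Web or Let's Encrypt code: a small Python probe that separates a connect timeout (packets dropped by a firewall or a missing NAT forward) from a refused connection (host reached, nothing listening on port 80) and from an HTTP answer. The function names and the `probe` path are hypothetical; run it from a machine outside your own network, because a test from inside bypasses the edge firewall. Each A and AAAA address is probed separately, since a stale AAAA record can fail even when IPv4 works.

```python
import http.client
import socket

# Hypothetical helper names; verdict strings are this example's own convention.
ADVICE = {
    "connect-timeout": "packets dropped: host firewall, edge firewall/NAT forward, or cloud rule",
    "connect-refused": "host reached, but nothing is listening on the port",
    "unreachable": "no route to this address from here",
    "dns-failure": "hostname does not resolve",
}

def probe_addr(addr, host, port, path, timeout):
    """Connect to one resolved address and classify the outcome."""
    conn = http.client.HTTPConnection(addr, port, timeout=timeout)
    try:
        conn.connect()
    except (socket.timeout, TimeoutError):
        return "connect-timeout"      # the case reported in the error above
    except ConnectionRefusedError:
        return "connect-refused"
    except OSError:
        return "unreachable"
    try:
        # Send the real hostname so name-based site bindings match.
        conn.putrequest("GET", path, skip_host=True)
        conn.putheader("Host", host)
        conn.endheaders()
        return "http-%d" % conn.getresponse().status
    except (OSError, http.client.HTTPException):
        return "connected-no-http"    # port open, but not an HTTP server
    finally:
        conn.close()

def probe_http01(host, port=80, path="/.well-known/acme-challenge/probe", timeout=5.0):
    """Return {address: verdict} for every address the hostname resolves to."""
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror:
        return {host: "dns-failure"}
    addrs = sorted({info[4][0] for info in infos})
    return {a: probe_addr(a, host, port, path, timeout) for a in addrs}

if __name__ == "__main__":
    import sys
    for addr, verdict in probe_http01(sys.argv[1]).items():
        print(addr, verdict, ADVICE.get(verdict, ""))
```

An `http-404` verdict is a good sign for this purpose: the request got through every network layer and only the made-up probe file is missing.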