# Problem getting started with certbot -- RESOLVED

## Fred Krogh

I decided that if it was easy I'd allow https instead of http on my web sites.  When I run "cerbot --apache", there are failures with this message *Quote:*   

> To fix these errors, please make sure that your domain name was
> 
>    entered correctly and the DNS A record(s) for that domain
> 
>    contain(s) the right IP address. Additionally, please check that
> ...

 I suspect it has to do with my firewall.  Port 80 is passed through to my server using the TCP protocol.  If this is the problem, is there something to be done about it?  If not, what is likely to be the problem?  Many thanks,

   FredLast edited by Fred Krogh on Sat Jul 01, 2017 12:06 pm; edited 1 time in total

----------

## wolvie

try running:

 *Quote:*   

> certbot --apache -d domain

 

or 

 *Quote:*   

> certbot --webroot -w webroot-path

 

in case of fail please paste some extra logs (no sensible information through)

----------

## Fred Krogh

The second option you mentioned suggests using certonly.  The first option fails in the same way.   After trying a bunch of different things and looking at what is coming in on /var/log/messages, I just got this message. *Quote:*   

> An unexpected error occurred:
> 
> There were too many requests of a given type :: Error creating new authz :: Too many invalid authorizations recently.
> 
> Please see the logfiles in /var/log/letsencrypt for more details.

 And with this I just realized where the log file for certbot is stored.

From the log file I can see it is trying to use port 443 which is for https.  My router does not pass that port on.  So if I change my router to allow this and certbot ever forgives me, perhaps it will work for me.  Many thanks.

----------

## wolvie

the block usually drops within 1 hour

----------

## Fred Krogh

Adding port 443 to my router and all works as simple as it could be.

----------

