Running Let's Encrypt behind firewall
Posted: 23 Nov 2023 10:49
We were interested in turning on TLS on our EFA box (latest version). From reading on here, it seems I just needed to enable Let's Encrypt, but I ran into the problem below, as the server is behind a firewall that only allows SMTP traffic through.
I can't see myself ever getting the network guys to allow an HTTP connection to the server; even HTTPS would be a push, so I'm wondering if there is any guide on how to do this manually?
Appreciate any suggestions, thanks!
Code:
Would you like to Enable Let's Encrypt? [y/n/c]
y
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Account registered.
Requesting a certificate for efa4.xxxxxx.ie
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: efa4.xxxxxx.ie
Type: connection
Detail: aaa.bbb.ccc.ddd: Fetching http://efa4.xxxxxx.ie/.well-known/acme-challenge/THsxaWzFrLEV_agdoTpOdSMXvTjbS2OkFOCnBOLd5O0: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
Error running Let's Encrypt, please correct the problem and try again.