Please forgive the noob question, if anyone can provide some help it would be greatly appreciated:
I have 2 Raspberry Pi LAMP webservers each hosting wordpress sites.
Each are using DDNS.
I have installed Certbot on each and has successfully issued a certificate for each using the DDNS names.
The server I will use in this example is castingsignin.duckdns.org
My home internet is a dynamic IP address that DDNS keeps track of so castingsignin.duckdns.org will always resolve to the correct address. My router is port forwarding all 80 and 443 traffic to a QNAP server that is running a reverse proxy directing traffic for castingsignin.duckdns.org to the local IP address on my lan where the web server is located. This is working well. However I am getting "Your Connection is Not Private" errors.
If I take out the reverse proxy and port forward from my router directly to the local web server hosting castingsignin.duckdns.org, the SSL certificate works beautifully.
As soon as I forward to the reverse proxy on the QNAP, I get the error:
"This server could not prove that it is castingsignin.duckdns.org ; its security certificate is from example.myqnapcloud.com . This may be caused by a misconfiguration or an attacker intercepting your connection."
My QNAP is running it's own separate Let's Encrypt SSL certificate as well for example.myqnapcloud.com (I changed the name here for security purposes)
It seems the traffic arrives at the web server and goes through the QNAP again before being delivered to the requesting computer. Is the issue with my QNAP Reverse Proxy?
How do other people host multiple websites behind a single IP and use Let's Encrypt for each site?
My domain is: castingsignin.duckdns.org
My web server is (include version): Apache
The operating system my web server runs on is (include version): Ubuntu
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): 2.1.0