ASUS GT AC5300 Router

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: laannew.asuscomm.com

I ran this command: I tried to get your cert from my router

It produced this output: updating… and only my LAN IP

My web server is (include version):

The operating system my web server runs on is (include version): W10

My hosting provider, if applicable, is: ASUS

I can login to a root shell on my machine (yes or no, or I don’t know): NO

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): ASUS Web-page

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

I’m trying to set up and use your cert in my router ASUS GT-AC5300 but it dont work as i should. I have tried to contact ASUS Support, but I get no real answers. They only point at an FAQ/1034294 which I have tried “100” times.

I checked the router system log and got this:
May 24 15:10:00 rc_service: service 7529:notify_rc restart_letsencrypt
May 24 15:10:03 kernel: acme-client: https://acme-v01.api.letsencrypt.org/acme/new-authz: bad HTTP: 429
May 24 15:10:03 kernel: acme-client: transfer buffer: [{ “type”: “urn:acme:error:rateLimited”, “detail”: “Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/”, “status”: 429 }] (189 bytes)
May 24 15:15:00 rc_service: service 7701:notify_rc restart_letsencrypt
May 24 15:15:04 kernel: acme-client: https://acme-v01.api.letsencrypt.org/acme/new-authz: bad HTTP: 429
May 24 15:15:04 kernel: acme-client: transfer buffer: [{ “type”: “urn:acme:error:rateLimited”, “detail”: “Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/”, “status”: 429 }] (189 bytes)

(Just examples)

Can you please comment on this…

/Leif

Hi @laan0000

there is no answer ( https://check-your-website.server-daten.de/?q=laannew.asuscomm.com ):

The standard validation is http-01 validation. That requires an open port 80 and an answer from a webserver checking a file in /.well-known/acme-challenge. But there is only a timeout visible.

So first step: You must allow incoming requests.

Hi JuergenAuer!
I have asked ASUS that a couple of times but they only refer to the FAQ/1034294 which has this in it: “Please make sure your router can issue domain validation and certificate renewal via 80 port from the Internet.”. But I don’t know how to do that… can anyone help?? I have tried a “port forward” but it was not any luck. Or maybe I did it wrong in some way… I have told ASUS I need a “step by step” instruction on that, but the answer just points to FAQ/1034294…
/Leif

That's the problem, your port 80 is closed.

Please read the documentation. I don't know how to do that. Or share a link to that documentation.

Is this a home server? Perhaps your Provider blocks port 80. But it's impossible to check that if your port is closed.

I have made a new port forwarding. Is it better now?
I have other small “boxes” (Flightradar24, Flightaware, Blitzortung) of which some uses port 80 so it must be open from LAN.

/Leif

If you have changed your configuration, use https://check-your-website.server-daten.de/?q=laannew.asuscomm.com to recheck your domain.

Then you see, if port 80 is open.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.