Auto Setup failed authorisation DVSNI challenge on custom port?


#1

Hi,
I’m trying to set up a cert for my server, which is behind a firewall. The server is already running a service on HTTPS only on a custom port (no HTTP access) with a self-signed cert, so I wish to replace this with the Let’s Encrypt one.

Running the auto command:

```
letsencrypt-auto --apache -d customport.server.com
```

I get the error:

```
Failed authorization procedure. customport.server.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to host for DVSNI challenge

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: customport.server.com
    Type: urn:acme:error:connection
    Detail: Failed to connect to host for DVSNI challenge
```

Is this failing because I can’t specify a port for ACME to query? Or do I need port 80 HTTP access from the outside?

Regards
Damien.


#2

When using the DVSNI method the server must be reachable on port 443. The Simple HTTP method can use port 80 or 443.