I have a issue were I can not authenticate the domain because it’s behind a proxy server as we are a school. Ports 80 and 443 are closed to force everything to go through the proxy. We run both a normal proxy and a transparent one so disabling the proxy doesn’t seem to make a difference.
I am running OSX Server 5 which is facing the internet and using the domain osx.tworiversschool.net. OSX Server reachability gives two different IP depending on if I remove the proxy or add it but I presume there both the IPs of the proxy system. The IP which belongs to the domain is 194.08.54.64 which then routes back to a private IP on our LAN.
I was wondering how I can resolve this issue maybe get lets encrypt/certbot look at a domain record instead of looking at the local server. I think with StartSSL I used a domain record which it verified instead.
Any help would be appreciated as our StartSSL has expired and have been advised to stay away from them now.