Certbot with nginx reverse proxy and CloudFlare

pokapow · July 21, 2017, 11:07pm

I’m using CloudFlare on my domain. Since 2 days, I’m using certbot on my server for SSL.
But, i’m using it with Nginx which is in a special LXC container, and my websites in anothers containers in my server (proxmox). So nginx is the reverse proxy for all my LXC, which have differents services of my domain.

The thing is, I can’t cert my domain in webroot mode, because the website is not on the same system. So CloudFlare is not working correctly since I’m using Let’s Encrypt, I disabled it.

I searched on this forum, but I found only case where people use let’s encrypt in webroot with CloudFlare, but I can’t actualy …

So you how could I do ? Maybe a special configuration in nginx, or CLoudFlare side ?

rg305 · July 21, 2017, 11:35pm

You might be able to do this if you bypass the proxy for the challenge directory.
Maybe by including something like this:
ProxyPass /.well-known/acme-challenge !
and also sending challenge requests to a local folder:
Alias /.well-known/acme-challenge /local/path/to/challenge/folder

schoen · July 22, 2017, 4:37am

Indeed, I think we also had one user here recently who set up a certificate-obtaining container, and routed all of /.well-known/acme-challenge to it, with good results. (But I don’t remember the forum thread link.)

system · August 21, 2017, 4:37am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.