Certbot with standalone fails with "could not connect"

Hi LetsEncrypt-community,

We also have servers that are behind NAT firewalls, and I have been looking for ways to get LetsEncrypt-authenticated and verified SSL certs to those (two) servers, which each have their own DNS names. I found this thread, and I still do not know how I should go about using letsencrypt-auto or certbot-auto to generate SSL certs for those servers. Anything I try with:

/letsencrypt-auto certonly --email myfake.fake.emll --agree-tos --apache  -d my1.domain.tld


/letsencrypt-auto certonly --email my@fake.com --agree-tos --standalone --standalone-supported-challenges http-01 --http-01-port 80 -d my1.domain.tld

or any other way, always fails with:

Failed authorization procedure. my1.domain.tld (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to my1.domain.tld

How can I make this work using this “dns-01” challenge system, please?

Hi @jjaone,

I split this into a new thread because I’m not sure whether it was related to the existing thread.

Can you confirm that the name that corresponds to my1.domain.tld is a publicly visible name in the DNS but that the NAT won’t actually allow entities on the public Internet to connect directly inbound to that machine?
