I recently moved my UNMS installation to a new VPS Server, however, due to config conflicts, I was not able to use the standard ports 80 and 443, so instead I used 8080 and 8443, however when in UNMS and I try to create a new SSL Cert, I am getting the following error.
Last refresh of SSL certificate had failed.
Timestamp: Today at 18:28
Error: Challenge failed for domain unms.systopian-web1.com
Some challenges have failed.
Failed to generate or update Let’s Encrypt certificate.
I would like to know where these challenges are configured and if I am able to set them properly, or do I need to do something else? I have cers both for unms.systopian-web1.com as well sa a wild card *.systopian-web1.com however, the browsers will not recognie them for some reason. So I figured it best to let UNMS create new certs though I can’t get it to.
I ran this command: certbot certonly --manual --preferred-challenges=dns --email firstname.lastname@example.org --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d *.systopian-web1.com - For the Wild Card and
I have checked the paths root@systopian-web1:/etc/letsencrypt/live/unms.systopian-web1.com and the files all exist, however, the browsers will not accept these as valid cers.
My web server is (include version):I believe that UNMS runs under Docker, using nginx which is why I need to use non-standard ports as Apache is using the standard ports.
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot):
certbot-auto --version - certbot 1.1.0
certbot --version - certbot 0.27.0
The email used to create the Certs via certbot is email@example.com
So basically, how can I either correct the challenges, or get the certs created to be accepted by my browsers? Please note, that this is for internal use only, so while there is nothing customer facing here, I would still prefer to have SSL working properly since I am accessing my sites over the public internet.
I would greatly appreciate any assistance.
Thank you in advance.