Reading through the how-to, etc. but I am starting from square 1 and getting an error. I have a bunch of apache servers, but have been moving to loading the certs onto the loadbalancers (local and AWS ELB) for ease and speed.
I assume lets encrypt will allow the same if I do the generation in manual mode, right? If so, I am trying to do a test API server I have. Note I plan to do the cert generation and such on a single machine in AWS outside of everything, then just copy stuff over. So on a Ubuntu 14.04LTS, git clone things fine, then I issue;
./letsencrypt-auto certonly --manual
I get a popup asking for my domain, I add that,
then prompted with an Auth error, the lets encrypt.log shows;
FailedChallenges: Failed authorization procedure. api.weatherflow.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://api.weatherflow.com/.well-known/acme-challenge/i7PfKSQ1LH8pgfyPJtg2KvLcJ44DO0hTGG7nldkiknc [38.101.125.181]: 404
Now, most of that makes sense, as that info is not on there, it’s in a load balanced environment, so to back around full circle to the question. I want to use a standalone machine to hopefully create the csr request, push it out to lets encrypt who gives the crt file.
I will manually install on the servers (or better the load balancers) but trying to see if I am starting down the right path.
Thanks.