Hi Folks,
Does anyone know if the Docker version of Certbot will respond to a challenge request on port 443? I have a success over 80, but would like to get new certs on 443. The container is listening on 443, but the challenge only appears to work on 80.
As a second question - how can I pass in the initial values for the questions asked (like my email address?) - these servers need to start and be configured automatically. Is that the -m flag?
Thanks.
My domain is: docker.dev.vaultara.com
I ran this command:
sudo docker run -it --rm --name certbot \
-v "/home/ubuntu/docker_cache/certs:/etc/letsencrypt" \
-v "/home/ubuntu/docker_cache/letsencrypt:/var/lib/letsencrypt" \
-p 80:80 \
-p 443:443 \
certbot/certbot certonly --standalone --dry-run
It produced this output (with port 80 restricted on the firewall):
Simulating a certificate request for docker.dev.vaultara.com
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: docker.dev.vaultara.com
Type: connection
Detail: Fetching http://docker.dev.vaultara.com/.well-known/acme-challenge/ZdFHfpBM96ZUUxrTqqUevwi9K12E3ucfqJKf9nCCADM: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority couldn't exterally verify that the standalone plugin completed the required http-01 challenges. Ensure the plugin is configured correctly and that the changes it makes are accessible from the internet.
From Docker:
$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8d9ecc8fa1fa certbot/certbot "certbot certonly --…" 32 seconds ago Up 31 seconds 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp certbot
My web server/operating system is (include version):
ubuntu - I'm setting up a Docker Registry, so these certs will go in that container. So technically, it's Go.
My hosting provider, if applicable, is: AWS/EC2
I can login to a root shell on my machine (yes or no, or I don't know): Yes
The version of my client is: certbot 1.16.0