Firewall openings for Lets Encrypt


#1

I’m trying to generate certificates for my domain, but just discovered that the company firewall in front blocks requests from outside Norway… yikes :slight_smile:

There are probably some reasons why, and I am not going to fight that battle. However I will have to ask them to kindly open up for LE requests…

So a few easy questions:

  1. Are there any “rules” that can identify a LE request?

  2. Will LE try from a different server, if the first one fails?


#2

Basically Let’s Encrypt tries to authenticate from random IP addresses ( and will even potentially use Tor one day).

If your site can’t be reached from outside Norway, you may be better using the DNS challenge.


#3

Thank you for your answer!

Unfortunately I am to generate an unknown number of certificates for domains that I do not own. Customers will add entries in DNS for subdomains that will point to my server…

Guess I will have fight the firewall admin after all :slight_smile:


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.