Getting "Your connection is not private"

Accessing https:// to an IP should give that error.
But it shows that you do have access to the IP.
I still don't see the IP of the client PC; but the PC and the server seem to be on the same LAN.
So I'm confused on why it presents that error when you added the the entry in the hosts file.

Let me crosscheck the facts...
[and take nothing for granted]
What is the IP on the client PC?
What IP is shown by the client PC when you ping the server by its' full name [FQDN]?


You need to avoid using the publicIPaddress from within the private networks.
Meaning you should NOT try to cross the router, nor have the router handle any part of your conversation with the server (unless the router can be set to handle hairpinning - which doesn't seem likely).


The IP on the client PC from which I ran those commands is When I ping (I assume that is the FQDN), I get the following:

> ping
PING ( 56(84) bytes of data.
64 bytes from ( icmp_seq=1 ttl=63 time=12.1 ms
64 bytes from ( icmp_seq=2 ttl=63 time=10.8 ms
64 bytes from ( icmp_seq=3 ttl=63 time=12.5 ms
--- ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 10.778/11.792/12.543/0.744 ms

Good to know about not using the public IP address from within the LAN.


That's still using the public IP.
You need to add an entry in the hosts file to override that IP (with the 192.168 number).


Here are one thousand words:

[now with color - thanks Ted Turner]


:slight_smile: Great diagram!

I added that entry to /etc/hosts on my local client and then did a reboot in case it needs that. When I try to go to it just tries to connect for a long time and then times out (I tried this both with Chrome and Firefox).

My concern was that people outside my local network were not able to connect to the site, but I just tried with my notebook connected through my phone wifi access spot (rather than my home network) and was able to connect. So I assume it has been working from outside my local network this whole time.

It would still be nice to be able to make the FQDN work from within the network, but this has helped me realize the site is working from external IP addresses.


Yes, see: SSL Server Test: (Powered by Qualys SSL Labs)

Please try the PING again from your PC:
[and show the output]


Wow, I finally have it working from inside the LAN as well now. I had a typo in my /etc/hosts entry, but it works now thanks to you folks.

Thanks so much -- I know this went well outside of letsencrypt issues. I really appreciate how you've helped me understand!


Glad we could help :slight_smile:
Cheers from Miami :beers:
[now back to trading crypto for beer...]