Resently i have changed my network and my webserver is now running behind firewall and has different ip (server had external ip address and now it has local ip adress) web ports 80 443 are open to this ip, http is working fine but https doesnt. Could the problem be in certbot or evrything should work fine and i have to do something with my firewall?
My domain is:kjtg.edu.ee
I ran this command:certbot certonly --manual -d kjtg.edu.ee
The operating system my web server runs on is (include version):Ubuntu server 14.04
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
Does your website (server) now can't be accessed from external network? Or you'll need to configure your firewall to allow incoming connection?
If this(can't connect to network) is the case, you can't get a certificate from Let's Encrypt using HTTP-01 (basically, connects to your website and verify if there's a correct challenge file that existed in the specified path). But you still could use DNS-01 validation (adding DNS txt records to proof ownership).
BTW: I tried to connect to the domain, and there's an empty page.
Thanks for quick reply!
Yes it can be accessed http works fine for example kjtg.edu.ee/gallery works https://kjtg.edu.ee/moodle doesnt work. 443 port is open
Had no error message with certbot certonly --manual -d kjtg.edu.ee
Now I can see why that is happening.
You only have three configs:
One is port 80 only (won’t match :443)
One is port 443 only (won’t match server name to cert)
One is all ports - so this one is forced to match - but has no way to encrypt connections.
# /etc/cron.d/certbot: crontab entries for the certbot package
# Upstream recommends attempting renewal twice a day
# Eventually, this will be an opportunity to validate certificates
# haven't been revoked, etc. Renewal will only occur if expiration
# is within 30 days.
0 */12 * * * root test -x /usr/bin/certbot && perl -e 'sleep int(rand(3600))' && certbot -q renew