Not having any Linux box at hand, I am using the IIS client. So forgive me if the following is an unsupported IIS client issue that is fixed in the Unix version.
But I have the following problem:
The server for which I need an auto-renewing certificate is only bound to https:||mysubdomain.mydomain.com:443 and smtp:||mysubdomain.mydomain.com:25.
Both http:||mysubdomain.mydomain.com:80 and ftp:||mysubdomain.mydomain.com:21 point to a different server.
As you may have guessed, the error that is thrown during the process is “The ACME server was probably unable to reach http:||mysubdomain.mydomain.com/.well-known/acme-challenge/abcdefgh...xyz”.
It is completely clear to me why, but I can’t fix it, because http:||mysubdomain.mydomain.com has to point to the other server. If the ACME server tried https:||mysubdomain.mydomain.com/.well-known/acme-challenge/abcdefgh...xyz, but ignored any certificate issue, it would successfully find the challenge. In my understanding, this behaviour wouldn’t introduce any new security holes over the current behaviour.
Is there anything I can do to get automated renewal working?