IP address firewall


#1

greeting,
Which IP address does LE access to certificate generating servers?
In my firewall all IP addresses are blocked except from Croatia, so I need an IP range to fire it on the firewall to generate the LE certificate.

I’m getting a Timeout during connect (likely firewall problem) error.


#2

There is no stable list of IP addresses: https://letsencrypt.org/docs/faq/#what-ip-addresses-does-let-s-encrypt-use-to-validate-my-web-server

If you don’t want your server to be open to the internet at large, then you should use the DNS-based challenge instead.


#3

As @_az said, for incoming connections:

There is no stable list of IP addresses: https://letsencrypt.org/docs/faq/#what-ip-addresses-does-let-s-encrypt-use-to-validate-my-web-server

For outgoing connections:

To use Let’s Encrypt, you need to allow outbound port 443 traffic from the machines running your ACME client. We don’t publish the IP ranges for our ACME service, and they will change without notice.


#4

These API endpoints are hosted by the Akamai CDN, and they can be different depending on where on the Internet you’re accessing them from. Akamai can also change them over time according to its own criteria.


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.