IP address firewall

dejandu · June 27, 2018, 7:43am

greeting,
Which IP address does LE access to certificate generating servers?
In my firewall all IP addresses are blocked except from Croatia, so I need an IP range to fire it on the firewall to generate the LE certificate.

I’m getting a Timeout during connect (likely firewall problem) error.

_az · June 27, 2018, 7:54am

There is no stable list of IP addresses: https://letsencrypt.org/docs/faq/#what-ip-addresses-does-let-s-encrypt-use-to-validate-my-web-server

If you don’t want your server to be open to the internet at large, then you should use the DNS-based challenge instead.

tdelmas · June 27, 2018, 11:24am

As @_az said, for incoming connections:

There is no stable list of IP addresses: FAQ - Let's Encrypt

For outgoing connections:

To use Let’s Encrypt, you need to allow outbound port 443 traffic from the machines running your ACME client. We don’t publish the IP ranges for our ACME service, and they will change without notice.

schoen · June 27, 2018, 4:19pm

These API endpoints are hosted by the Akamai CDN, and they can be different depending on where on the Internet you're accessing them from. Akamai can also change them over time according to its own criteria.

system · July 27, 2018, 4:19pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
OUTPUT iptables rules Server	15	9512	August 21, 2017
Outbound traffic - stability of IP address of acme-v01.api.letsencrypt.org Issuance Tech	9	6965	October 6, 2016
Let's Encrypt server addresses for certificate renewal Issuance Tech	8	113550	February 20, 2019
Address range for “http-01” ACME challenge Help	6	4643	April 3, 2022
Can Lets Encrypt be automated without outbound HTTPS access? Server	5	1851	April 20, 2018

IP address firewall

Related topics