Hi,
I have problems with letsencrypt behind nginx reverse proxy. i have a server with one public ip. on the server are more linux containers (virtual). on the root machine is a nginx server, there i created a reverse proxy to the server with letsencrypt (scroll down for nginx config). if i run letsencrypt on the machin behind the nginx proxy it connect to acme-v01.api.letsencrypt.org. but i have the following error:
Failed to connect to host for DVSNI challenge
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you’re using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
the dns config is correct. because in the nginx log i have this error in the access log:
access.log:
66.133.109.36 - - [17/Mar/2016:22:25:10 +0100] “\x16\x03\x01\x00\xD2\x01\x00\x00\xCE\x03\x03d\xD1ya}$\xECo\x7Fl\x16\x07@\x9A\xD4[\xF7\xF9\xB0,\x95\x14\x85\x02N5\xE8OF\xF4\xFA\xB3\x00\x00\x18\xC0/\xC0+\xC00\xC0,\xC0\x13\xC0\x09\xC0\x14\xC0” 400 166 “-” “-” “-”
error.log:
2016/03/17 22:25:10 [info] 24301#24301: *1 client sent invalid method while reading client request line, client: 66.133.109.36, server: domain, request: “^V^C^A^@^A^@^@^C^Cdya}$o^?l^V^G@<9A>[,<95>^T<85>^BN5OF^@^@^X/+0,^S ^T”
NGINX Conf:
server {
listen 443;
server_name domain.name
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://192.168.1.5:80;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
can anybody can help me please?? maybe there is a config problem !