Hi there!
I am new to letsencrypt so please be kind. I set up a server running Ubuntu 16.04 with the Apache web server. The server is running behind a FritzBox router. I am using DNS and port forwarding to forward traffic to the server. Until now, I have had a self-signed certificate that I enabled with these commands:
a2enmod ssl
a2ensite default-ssl
This is working. But now I heard about LE and thought this would be better. I installed
sudo apt-get install python-letsencrypt-apache
sudo letsencrypt --apache
but in the documentation, I can’t find any hints on how to set up custom ports or use port 80 instead. I could create a port forwarding to port 80 but not to 443 since this is reserved for FritzBox remote access. I tried
letsencrypt --standalone-supported-challenges http-01
but this still gives me an error that port 443 can’t be reached, so I assume it doesn’t even try on port 80. I get the output
Failed authorization procedure. konstruktiv.selfhost.de (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for TLS-SNI-01 challenge. Requested 64f9dc972ae7acad1b8bbbda2fce1fb1.3ed77a75f69a5f67e917d808a4a95868.acme.invalid from 93.220.125.47:443. Received certificate containing 'konstruktiv.selfhost.de, eeeqhlbgnqg9h1br.myfritz.net, fritz.box, www.fritz.box, myfritz.box, www.myfritz.box, fritz.nas, www.fritz.nas'
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: konstruktiv.selfhost.de
Type: unauthorized
Detail: Incorrect validation certificate for TLS-SNI-01 challenge.
Requested 64f9dc972ae7acad1b8bbbda2fce1fb1.3ed77a75f69a5f67e917d808
a4a95868.acme.invalid from 93.220.125.47:443. Received certificate
containing 'konstruktiv.selfhost.de, eeeqhlbgnqg9h1br.myfritz.net,
fritz.box, www.fritz.box, myfritz.box, www.myfritz.box, fritz.nas,
www.fritz.nas'
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
Could someone please give me a hint on how to set up LE using port 80?
I would also encourage the documentation for Ubuntu 16.04 to include some kind of step-by-step instructions for servers behind a router using port forwarding, since I guess this is a quite common scenario for small servers on a Raspberry Pi or similar. I am really willing to help on that too.
Thank you very much!
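
A reading of the error detail quoted in the post, as an added example that is not part of the original post and not Let's Encrypt code: the validation request reached a TLS listener on port 443, and that listener presented a certificate that does not contain the requested `.acme.invalid` name. The helper names `parse_tls_sni_detail` and `explain` are hypothetical, and the sample string is copied from the single-line error above.

```python
import re

# Constructed sample: the single-line error detail quoted in the post above.
SAMPLE_DETAIL = (
    "Incorrect validation certificate for TLS-SNI-01 challenge. Requested "
    "64f9dc972ae7acad1b8bbbda2fce1fb1.3ed77a75f69a5f67e917d808a4a95868.acme.invalid "
    "from 93.220.125.47:443. Received certificate containing "
    "'konstruktiv.selfhost.de, eeeqhlbgnqg9h1br.myfritz.net, fritz.box, "
    "www.fritz.box, myfritz.box, www.myfritz.box, fritz.nas, www.fritz.nas'"
)

DETAIL_RE = re.compile(
    r"Requested\s+(?P<requested>\S+)\s+from\s+(?P<ip>\S+?):(?P<port>\d+)\.\s+"
    r"Received certificate containing\s+'(?P<names>[^']*)'"
)


def parse_tls_sni_detail(detail):
    """Hypothetical helper: split the error detail into its parts."""
    m = DETAIL_RE.search(detail)
    if m is None:
        raise ValueError("not a TLS-SNI-01 certificate mismatch detail")
    names = [n.strip().lower() for n in m.group("names").split(",") if n.strip()]
    requested = m.group("requested").lower()
    return {
        "requested": requested,
        "endpoint": (m.group("ip"), int(m.group("port"))),
        "presented": names,
        # True only if the ACME client's temporary challenge certificate answered.
        "challenge_cert_served": requested in names,
    }


def explain(detail):
    """Hypothetical helper: one-line reading of the error."""
    r = parse_tls_sni_detail(detail)
    ip, port = r["endpoint"]
    if r["challenge_cert_served"]:
        return f"{ip}:{port} served the challenge certificate"
    return (f"{ip}:{port} answered TLS, but with a certificate for "
            f"{', '.join(r['presented'])} instead of {r['requested']}")


if __name__ == "__main__":
    print(explain(SAMPLE_DETAIL))
```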