Hi.
I installed dehydrated on an internal server. It’s behind a firewall but I opened port 80 and set a CNAME (DDNS) on our vServer (with PLESK). The Plesk-Server is
(www.)example.org and the internal server is server.intern.example.org.
This internal server can be reached via port 80. When I call
http://server.intern.example.org/.well-known/acme-challenge/ I can access an index.html and the token will be generated correctly. So the directory is writeable!
But when I try “dehydrated --cron” I get this:
dehydrated --cron
# INFO: Using main config file /etc/dehydrated/config
Processing server.intern.example.org
+ Signing domains...
+ Generating private key...
+ Generating signing request...
+ Requesting challenge for server.intern.example.org...
+ Hook: Nothing to do...
+ Responding to challenge for server.intern.example.org...
+ Hook: Nothing to do...
+ Hook: Nothing to do...
ERROR: Challenge is invalid! (returned: invalid) (result: {
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:connection",
"detail": "Fetching http://server.intern.example.org/.well-known/acme-challenge/mbskngekürztO3yk: Timeout",
"status": 400
},
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/Q1gbjgekürzt920524828",
"token": "mbsknIOgekürzt29U3yk",
"keyAuthorization": "mbskgekürzt29U3yk.9MqbIWBPjs",
"validationRecord": [
{
"url": "http://server.intern.example.org/.well-known/acme-challenge/mgekürzt9U3yk",
"hostname": "server.intern.example.org",
"port": "80",
"addressesResolved": [
"178.xxx.yyy.zzz"
],
"addressUsed": "178.xxx.yyy.zzz"
}
]
})
I have no idea what to do. IPv6 is not activated – so the fallback to IPv4 should work.
Any hints what to do?
Thanks.