Hello, my server has an iptables firewall setup to NOT allow any outbound http/https requests to the internet under normal operation. I am trying to setup a pre-hook/post-hook that will temporarially open this access to that certbot can renew, however the pre-hook doesn't seem to be invoked early enough in the process to allow this to happen.
Certbot is attempting to connect outbound PRIOR to invoking the pre-hook.
Any thoughts on how to fix or workaround this?
I ran this command:
It produced this output:
Attempting to renew cert (XXXXXXXXXXXXXXX) from /etc/letsencrypt/renewal/XXXXXXXXXXXX.conf produced an unexpected error: Requesting acme-staging-v02.api.letsencrypt.org/directory: Connection refused. Skipping.
The operating system my web server runs on is (include version):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):