Problem in renewing certificate

yes, if I set it in my bindery locally:

$ORIGIN servmin.duckdns.org.
$TTL 1M
@       IN SOA  servmin.duckdns.org. admin.servmin.homelinux.org. (
 2011140701      ; serial
 8H              ; refresh
 4H              ; retry
 4W              ; expire
 3H              ; minimum
 )

servmin.duckdns.org.  IN NS  nuc.medianet.

                        IN A            10.1.1.xxx

ping yes -> port 80 no -> same with me.
jori

1 Like

If there's no global connection available for port 80 then Let's Encrypt can't connect to authenticate via http-01.

Personally, I highly recommend that you use dns-01 authentication via the certbot duckdns plugin for which I gave you a link before. It will avoid any IP address complications completely.

Hi Griffin,
I know, if there's no 80(443) connection to the outside there is no way.
Finally I was successful in solving the problem. My idea in the beginning that there's something wrong to the ip-forwarding in my router was the right trace.

This describes my problem exactly:
(networking - How to make Apache output packets through a certain network interface when connected to VPN? - Server Fault)
I tried to maneuver around the problem by opening a second ip on the server to handle the apache traffic and sending 80 and 443 traffic by ip forwarding of the router to that secondary ip. But unfortunately I found out yesterday that fritz (my AVM-Router) doesn't handle targets with different ips on the same device.

So finally I choosed an other online station to receive the traffic and reroute it to the server's secondary ip and -god thanks- that workaround is doing the job.

So my dear, thank You very much for Your help and patience and as we say in German: it was helpful, that we talked about it :slight_smile:

regards
jori

1 Like

You are quite welcome, my friend! :slightly_smiling_face: