Problem with subDomains

Hello. While I had one server with a smart home, there were no problems with Let's Encrypt: the DNS was redirected to my white IP, and the router was configured to forward all requests to ports 80 and 443 from the outside to the local server 192.168.1.2. That all worked, and the certificates were updated by themselves. But now there is a need for two more servers with external access: a NextCloud server (192.168.1.3) for files and a separate server with Ubuntu (192.168.1.4) for hosting the site. And now I don't understand how to configure Let's Encrypt if it always needs port 80 to update certificates and I can only redirect locally to one host. What should I do in this situation?

Hi @nikolz

then

  • you can't use HTTP validation, switch to DNS validation (or)
  • add a new webserver that acts as a proxy. So you send the port 80 to that proxy and the proxy can split it into domain + port -> destination.

But proxy configurations are not certificate-relevant.

As stated, DNS authentication completely bypasses the HTTP problem and would provide certs for any system with access to make DNS changes.
But if that is not an available option (or it is not something that can be automated), then you might consider using a reverse proxy to listen to all the inbound HTTP (and possibly HTTPS) connections and "route" them properly to their actual, and individual, final destinations.
The most likely (simplest) candidate for this would be the Ubuntu server.

["route" is used figuratively - it would actually "proxy" them]

If this can help anyone, I solved my problem by installing Nginx Proxy Manager on the HomeAssistant server. After installation, ports 443 and 80 are directed to the server where Nginx Proxy Manager is installed, and inside it we configure local forwarding to the required subdomains and receive certificates.
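
The reverse-proxy layout suggested in the replies, written out as a plain nginx configuration. This is an added example, not something posted in the thread: the hostnames are placeholders, the backend addresses are the ones from the first post, and it assumes an nginx build with the stream and ssl_preread modules on the one host the router forwards ports 80 and 443 to, with each backend still running its own ACME client.

```nginx
# Constructed example: hostnames are placeholders, IPs are from the first post.
events {}

http {
    # Port 80: pick the internal server from the Host header.
    map $host $lan_backend {
        default            "";
        home.example.com   192.168.1.2;   # smart home
        cloud.example.com  192.168.1.3;   # NextCloud
        www.example.com    192.168.1.4;   # Ubuntu web host
    }

    server {
        listen 80 default_server;

        # Names we do not serve: close the connection without answering.
        if ($lan_backend = "") { return 444; }

        # Only the HTTP-01 challenge path is passed through, so each
        # backend can keep renewing its own certificate.
        location /.well-known/acme-challenge/ {
            proxy_set_header Host $host;
            proxy_pass http://$lan_backend:80;
        }

        # Everything else on plain HTTP is sent to HTTPS.
        location / {
            return 301 https://$host$request_uri;
        }
    }
}

stream {
    # Port 443: read the SNI name from the ClientHello and pass the TLS
    # stream through untouched; the private keys stay on the backends.
    map $ssl_preread_server_name $tls_backend {
        default            "";   # unlisted names get no upstream
        home.example.com   192.168.1.2:443;
        cloud.example.com  192.168.1.3:443;
        www.example.com    192.168.1.4:443;
    }

    server {
        listen 443;
        ssl_preread on;
        proxy_pass $tls_backend;
    }
}
```

If this nginx shares a machine with one of the backends, that backend has to listen on different local ports and its map entries must point there. Nginx Proxy Manager, as used above, instead terminates TLS on the proxy and holds the certificates itself.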
