Reissue of certificate fails

I wish I'd thought of that :slight_smile:

4 Likes

:smile: A clear case of "TL:DR". :rofl:

3 Likes

Yes, I am not known for brevity :slight_smile:

4 Likes

Quick update. Sorry it doesn't yet provide a solution.

Just thought I'd say that the curl results information has been passed to the parent company network team.

Also, is it possible to edit the screenshot in the beginning as the network team are concerned that private IP is shown...

Done. :+1:

4 Likes

Thank you. I'm on a call now so will update later :slight_smile:

2 Likes

Firstly, may I thank you all in this thread who have contributed. The solution was indeed to create a rule on the Palo Alto firewall allowing acme-protocol to pass through. There were one or two other issues I think in the firewall which confused things for a while.

But ulitmately it was acme-protocol. Allow from public IP to internal IP. Initially this had been set to outbound only. Once it was set to inbound also, the site auto-renewed the certificate before I could make another manual attempt.

2 Likes

Many thanks for confirming Palo Alto firewall. Very helpful.

2 Likes