Remote setup outside of intended network

Version7 · March 16, 2023, 9:05pm

I'm setting up a new server outside of its intended network. I do have control over DNS for this domain but obviously the IP address the server is currently at is not going to match the IP in DNS. Is there a way to work around this, or must the server be connected to its designated IP?
Thank You
Kevin

My domain is: katzrealtyinc.com

I ran this command: None

It produced this output: None

My web server is (include version): Apache/2.4.37 (rocky)

The operating system my web server runs on is (include version): Rocky Linux 8.7

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.22.0

Bruce5051 · March 16, 2023, 9:07pm

Consider using the DNS-01 challenge of the Challenge Types - Let's Encrypt, possibly with a wildcard domain name.

_az · March 16, 2023, 9:10pm

Since your domain has its DNS hosted with Cloudflare, you can do this pretty easily with certbot-dns-cloudflare, which should be available in Rocky Linux's repos (if that's how you installed Certbot).

rg305 · March 17, 2023, 12:21am

Hi @Version7, and welcome to the LE community forum

Can you describe the use case?
If the IP for the name won't match the server using the cert... How can that server use the cert?

schoen · March 17, 2023, 1:46am

I guess it will be installed elsewhere later, after it has been configured?

Version7 · March 17, 2023, 9:25pm

Thank you for this suggestion, worked perfectly - a couple notes for others using this OS:

When creating the Cloudflare API token, along with the intended IP addresses, I had to add the server's current IP to that token for this to work. But it appears that the latter can be removed from the token once finished with this remote setup.

Also, I ran into an issue with the cloudflare.ini: "CloudFlareAPIError: profile/configuration read error". I tried placing this file in a couple different secure locations but the only folder I had success was in /etc/letsencrypt/.cloudflare.ini - anywhere else resulted in the above error.

Thanks again!
Kevin