Hello, I have a web server behind NAT; this server has only HTTPS (no HTTP). I have only one port, 444, which is visible from the internet (on the router, port forwarding is set from 444 external to 443 internal). DNS is set so that the A record is the public IP address of the router. I need a Let's Encrypt certificate, but validation does not work (it fails to connect).
I tried: letsencrypt certonly -a manual -d dicomweb.multiscan.cz --http-01-port 444 --test-cert
Output is:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Starting new HTTPS connection (1): acme-staging.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for dicomweb.multiscan.cz
Using non-standard port for http-01 verification: 444
Starting new HTTP connection (1): dicomweb.multiscan.cz
Output is:
Failed authorization procedure. dicomweb.multiscan.cz (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to dicomweb.multiscan.cz
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: dicomweb.multiscan.cz
Type: connection
Detail: Could not connect to dicomweb.multiscan.cz
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you’re using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
My domain is: https://dicomweb.multiscan.cz:444/
My operating system is (include version): Debian 8
My web server is (include version): Apache 2.4