SSL of pfSense WebGUI - Timeout during connect (likely firewall problem)

My domain is:
kohanyim.com

I ran this command:
curl -Ii https://kohayim.com/.well-known/acme-challenge/Test_File-1234

It produced this output:
curl: (6) Could not resolve host: kohayim.com

My web server is (include version):
nginx 1.20.2

The operating system my web server runs on is (include version):
pfSense
2.6.0-RELEASE (amd64)
built on Mon Jan 31 19:57:53 UTC 2022
FreeBSD 12.3-STABLE

This is a PC Build

My hosting provider, if applicable, is:
NOIP

I can login to a root shell on my machine (yes or no, or I don't know):
Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no. pfSense administration web gui

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Not using

Moved from the Netgate SG-2100 to a PC build and was able to import the cert, but it will be expiring next month on the 8th, so I'm trying to establish the account again with no success.

I'm able to do this:

curl http://kohanyim.com/404
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

Hangs on this:
curl https://kohanyim.com/404

and

curl -Iv https://kohanyim.com/404
*   Trying 67.0.9.244:443...

Get feedback on this:

curl -Iv http://kohanyim.com/404
*   Trying 67.0.9.244:80...
* Connected to kohanyim.com (67.0.9.244) port 80 (#0)
> HEAD /404 HTTP/1.1
> Host: kohanyim.com
> User-Agent: curl/7.81.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
HTTP/1.1 301 Moved Permanently
< Server: nginx
Server: nginx
< Date: Wed, 06 Jul 2022 04:38:03 GMT
Date: Wed, 06 Jul 2022 04:38:03 GMT
< Content-Type: text/html
Content-Type: text/html
< Content-Length: 162
Content-Length: 162
< Connection: keep-alive
Connection: keep-alive
< Location: https://kohanyim.com:8000/404
Location: https://kohanyim.com:8000/404
< X-Frame-Options: SAMEORIGIN
X-Frame-Options: SAMEORIGIN

< 
* Connection #0 to host kohanyim.com left intact

I need help solving this,
Thanks!....

That error is because you misspelled your domain name.

The other errors are because you do not have port 443 or port 8000 open. Only port 80 is open. Check your router or hosting service for how to open those.

I see you redirect requests from HTTP (port 80) to port 8000. If you do that for the HTTP acme challenge URL it will fail because you cannot use different ports for that.

curl -I kohanyim.com
HTTP/1.1 301 Moved Permanently
Server: nginx
Location: https://kohanyim.com:8000/
9 Likes
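
Added example, not part of the reply above: a shell check for the redirect problem it describes. Let's Encrypt's HTTP-01 validation follows redirects only to `http` or `https` URLs on port 80 or 443. The function names and the `test` token are assumptions, and the sample headers are constructed from the response shown in this thread.

```shell
#!/bin/sh
# Constructed sample: response headers as shown in the thread for /404.
SAMPLE='HTTP/1.1 301 Moved Permanently
Server: nginx
Location: https://kohanyim.com:8000/404'

# Print the Location header value from `curl -I` output read on stdin.
location_of() {
    tr -d '\r' | awk 'tolower($1) == "location:" { print $2; exit }'
}

# Print "scheme port" for an absolute URL, applying the scheme's default port.
scheme_port() {
    scheme=${1%%://*}
    rest=${1#*://}
    hostport=${rest%%/*}
    case $hostport in
        *"]") port= ;;                    # bracketed IPv6 literal, no port
        *:*)  port=${hostport##*:} ;;     # explicit port after the host
        *)    port= ;;
    esac
    if [ -z "$port" ]; then
        if [ "$scheme" = https ]; then port=443; else port=80; fi
    fi
    echo "$scheme $port"
}

# Succeed only if an HTTP-01 validator would follow a redirect to this URL.
http01_redirect_ok() {
    set -- $(scheme_port "$1")
    case $1 in http|https) ;; *) return 1 ;; esac
    case $2 in 80|443) return 0 ;; *) return 1 ;; esac
}

# Read `curl -I` output on stdin and report on its redirect, if any.
check_headers() {
    loc=$(location_of)
    if [ -z "$loc" ]; then echo "no redirect"; return 0; fi
    if http01_redirect_ok "$loc"; then echo "ok: $loc"; return 0; fi
    echo "blocked: $loc"; return 1
}

# Live use (hypothetical token name "test"):
#   curl -sI --max-time 10 http://kohanyim.com/.well-known/acme-challenge/test | check_headers
printf '%s\n' "$SAMPLE" | check_headers || true
```

Run against the sample, it prints `blocked: https://kohanyim.com:8000/404`; a redirect to plain `https://kohanyim.com/...` would pass.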

Oh wow, would you look at that. :blush: Thanks, I need to take a break, been working 12+ hours a day getting my server operational for the public and private.

Yeah, I was following a tutorial on YouTube and these people never update their material for today's standards. :face_with_raised_eyebrow: Okay, I will fix that, thanks.

3 Likes
