I can login to a root shell on my machine (yes or no, or I don’t know):
The problem is that when configuring the plugin for the first time (about 80 days ago), everything worked OK; I needed to allow 80 TCP and 443 TCP from external so that the HTTP challenge was able to contact the firewall and issue the first certificate onto the firewall. Now the automated renewal doesn’t seem to work, and neither does the manual renewal. But I don’t think we’ve changed any firewall rules which would conflict in any way. We added some more, changed the “LAN to any allow” ruleset to “LAN only allow HTTP/HTTPS and DNS” and the VMs behind the firewall are able to connect to the internet.
So I SSHd into the firewall and looked at the log and found the following log info under /var/log/acme.sh.log:
[Mon Aug 12 09:31:48 CEST 2019] office.dachverband-dbt.de:Verify error:Fetching http://office.dachverband-dbt.de/.well-known/acme-challenge/A5hfiwj7_gMD2MAQ4DJsvCLWvNs6kqC04rdSAP2wOjo: Timeout during connect (likely firewall problem)
Can someone explain to me why this is not working? It looks like the connections are established successfully, but somehow it doesn’t make its way through the firewall.
I’m using the plugin version 1.23, not sure if it helps, though.
If you need any more info, please ask, I will do my best to give you the information.
Thanks in advance!