Use which domain name after port 80 redirect

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

Due to my ISP router using port 80 as the router management login page, I do port 80 redirect from aiotedgeconnect.dyndns-server.com:80/ to aiotedgeconnect.dyndns-remote.com:1313/. User will use aiotedgeconnect.dyndns-server.com to access my web server.

My domain is: aiotedgeconnect.dyndns-server.com/ and aiotedgeconnect.dyndns-remote.com:1313/

I ran this command: sudo certbot --nginx -d aiotedgeconnect.dyndns-server.com

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for aiotedgeconnect.dyndns-server.com
Waiting for verification...
Challenge failed for domain aiotedgeconnect.dyndns-server.com
http-01 challenge for aiotedgeconnect.dyndns-server.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

• The following errors were reported by the server:

  Domain: aiotedgeconnect.dyndns-server.com
  Type: unauthorized
  Detail: 130.61.69.238: Invalid response from
  http://aiotedgeconnect.dyndns-server.com/.well-known/acme-challenge/afPdzTLnKhgExewaFGcKflRzJZl8IGSnneAqJ84WKfA:
  "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<!DOCTYPE html PUBLIC
  "-//W3C//DTD XHTML 1.0 Frameset//EN"
  "http://www.w3.org/TR/xhtml1/D"

  To fix these errors, please make sure that your domain name was
  entered correctly and the DNS A/AAAA record(s) for that domain
  contain(s) the right IP address.

My web server is (include version): NGINX 1.18.0

The operating system my web server runs on is (include version): Ubuntu 20.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.40.0

Hi @tankienleong, and welcome to the LE community forum

LE will only follow redirects to port 80 or port 443 [NOT to port 1313].

That said, I don't see any such redirection.
I see a default nginx page at that site name.
Maybe you have found a way to move the routers port away from 80?

Additioanlly:

should NOT be using certbot from apt:

Changing it won't fix this problem, but, nonetheless, you should follow best practices.
See: Certbot Instructions | Certbot (eff.org)

Sorry, I forgot to mention there is a pfSense do port forward from port 1313 to port 80 again.

Due to cloaking is enabled on a WebHop, you won't see the redirection on the web browser.

What does that mean? Maybe your "cloaking service" is messing up the http-01 challenge.

Supplemental that is an old version of Certbot - Certbot 2.2.0 Release

That is irrelevant.
LE will NOT try to reach port 1313.

But I am willing to try to reach 1313 S Harbor Blvd Anaheim, CA 92802

Hi everyone, I solved the issue after move the router's port away from 80. Thank you for your help and suggestions. I also will update Certbot to the latest version.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.