I have a setup where I have a host system saturn that runs multiple containers using the LXD hypervisor. Apache is configured to reverse proxy to specific containers, which run on private internal IPs. SSL certificates are stored on saturn and configured in the container-specific Apache virtual host. This seems to pose a problem when using certbot. Let’s use titan as an example of a container running on saturn. All of the challenge methods seem to be invalid:
- I can’t spawn a server on port 80 because Apache is always bound to port 80 on
- I can’t put a file in the webroot because the webroot only exists inside titan, and certbot doesn’t know how to reach inside it.
- I can’t make DNS changes dynamically as there’s no API to do so in my organization.
What could I do to use certbot in this situation?
Apache 2.4.6, CentOS 7, Certbot 1.3.0, I have root access.