Good evening all,
is it possible to use letsencrypt inside a small company (domain) for a intranet Site?
The site is not availible from Internet just in company domain.
Thanks in advance and best regards
Good evening all,
is it possible to use letsencrypt inside a small company (domain) for a intranet Site?
The site is not availible from Internet just in company domain.
Thanks in advance and best regards
Yes, it possible. Probably, since you do not want to allow inbound HTTP access to your web server sitting on your intranet, you must fulfill DNS-01 challenge instead of HTTP-01 for that domain name.
In addition to what @bruncsak said, you must still use a real, unique domain that you own (or at least control) for your intranet machines.
Hello and thx for answer and also sry for my reply.
I tried today but have the problem to connect to a acme server.
[EROR] Unable to connect to ACME server
System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure...
I search in internet and find some sites but dont find a solution.
Can some one help me to solve this issue on a Win2019 machine pls.
Thanks in advance and have a nice day
Hello all,
I get the following error if I start the win-acme (wacs.exe) to use letsencrypt .
I search in internet and find some sites but dont find a solution probably because of my bad english.
Can some one help me to solve this issue on a new installed Win2019 machine pls.
[EROR] Unable to connect to ACME server
System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure...
Thanks in advance and have a nice day
On that Windows 2019 machine, are you able to successfully open https://acme-v02.api.letsencrypt.org in a browser?
Hy _az and thx for your answer.
No i cant open the site.
I tried to put it to trusted sites and its also not open.
Any ideas?
Thx in advance
That's pretty weird! Sounds like something is wrong with the Trusted Roots on that server.
They usually get updated via Windows Update, is this server fully patched?
You might be able to manually download the "TrustID X3" root from https://www.identrust.com/support/downloads and install it to your server's trust store. But it's probably a better idea to try fix this via Windows Update or whatever.
Are you in a country, or on an ISP, that is banning access to LE?
Do your DNS servers resolve other sites?
Hello,
the server is or was full patched and there is no more updates availible.
I will try tomorrow with manually downloading "TrusID X3" and let you know.
@rg305
I dont think so because nslookup show me an intern address and
with tracert i got 13 hops and from the 13 are the 1 Hop and 5-11 Hops with the msg Request timed out.
Tested-Url: acme-v02.api.letsencrypt.org
Thanks and gd night
You could do a very basic connectivity tests with:
telnet acme-v02.api.letsencrypt.org 80
telnet acme-v02.api.letsencrypt.org 443
If they are successful, then it is most likely the trust issue.
Hello and thx for answer.
I think there is a generally problem with the new installed server.
telnet result:
telnet acme-v02.api.letsencrypt.org 80
Connecting To acme-v02.api.letsencrypt.org...Could not open connection to the host, on port 80: Connect failed
Seems like that I must try to solve the problem 1st and then trying again with letsencrypt
@griffin
sry I'm new here and cant find how to merge 2 topics. Can you do it or explain me pls.
Thx in advance and beste regards
The merge request was directed at site moderators (you don't need to do anything):
No worries my friend. We just like to keep things tidy and reduce duplication and splitting attention.
Thanks James!
FYI for everyone helping:
What about on port 443?
telnet acme-v02.api.letsencrypt.org 443
[don't be shy - get involved and be heard - start with: if you see something you like, then like it ]
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.