What if port 80 is inaccessible and stopping TLS-SNI-01 with Certbot


I don’t know your setup.

I can only say for certain that the system making the cert request needs to validate the response.
So if the Nextcloud machine is another IP - the cert request/response will most likely fail.

Maybe you can pencil in a quick napkin drawing of how it is all connected.


Try it. Your redirect http -> https looks ok. Will it work? Check it.




Guess what, port 80 now open!

Updated configuration:



Congratulations, all renewals succeeded. The following certs have been renewed:

This worked: see the second picture, thanks to Jürgen and rg305. -> set port forwarding for http and https to the same machine. The Apache servers take care of the traffic, no need to change any of the config files. Then ran:

sudo certbot renew --dry-run

sudo certbot renew

closed #26

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.