Hi all,
On my firewall I have opened 443 outbound from my Let's Encrypt server to any external IP (as Let's Encrypt says it doesn't just use 1 IP address and it sometimes uses different ones).
Also, I have done a port forward from any external IP inbound 443 to my Let's Encrypt server.
This connects to the service but it can't give me an SSL cert (see below):
certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated) (Enter 'c' to cancel): sftp.molinare.co.uk
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for sftp.molinare.co.uk
We were unable to find a vhost with a ServerName or Address of sftp.molinare.co.uk.
Which virtual host would you like to choose?
(note: conf files with multiple vhosts are not yet supported)
1: ssl.conf | | HTTPS | Enabled
Press 1 [enter] to confirm the selection (press 'c' to cancel): 1
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. sftp.molinare.co.uk (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Timeout
From an external IP, if I connect to “sftp.molinare.co.uk” I get my web server Apache test page.
Can anyone help? Many thanks,
Rob