[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fedora-list
Subject:    Re: Certbot error
From:       "T.C. Hollingsworth" <tchollingsworth () gmail ! com>
Date:       2023-04-23 19:07:30
Message-ID: CAJVv0On-sWEmTLbLX2qEqxsZcvHqAN4FZtdBgYdh+GdPFpK7KQ () mail ! gmail ! com
[Download RAW message or body]

On 4/23/23, Patrick O'Callaghan <pocallaghan@gmail.com> wrote:
> On Mon, 2023-04-24 at 02:36 +0930, Tim via users wrote:
>> If you browse to http://bree.org.uk/ and https://bree.org.uk/
>> do you get the same results?
>>
> Internally, yes.

If you want a  *publicly* trusted certificate the authentication token
from Let's Encrypt or other certificate provider must be made
*publicly* accessible somehow.

For http-01 authentication as used by certbot's apache
auto-configuration and webroot methods your web server must be
publicly accessible on port 80.

For tls-alpn-01 authentication as used by Apache's mod_md module your
web server must be publicly accessible on port 443.

If this is not acceptable consider using dns-01 authentication method
mentioned upthread if your DNS provider has an API or you run your
own, or even a private CA.
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

[prev in list] [next in list] [prev in thread] [next in thread]