ACME NGINX HTTP 400 Again.

Fright:
Hi)
I would look at the HAProxy logs in this case

itngo:
Ok, but why? We use nginx and have the Let's Encrypt integration enabled and can see that the HTTP request is reaching the NGINX server when we try to validate. So indeed the Let's Encrypt servers can connect but respond with a 400 error.

Fright:
Sorry, maybe I just didn't fully understand your configuration: why is HAProxy specified as an HTTP Service instead of the default "OPNSense.." value being used?
How is this scheme supposed to work? (Is the "Enable Let's Encrypt Plugin Support" for the specified server enabled in nginx? Or are the files placed in some other way?)
Let's Encrypt Error 400 is not very self-explanatory: for example, it can even be a DNS issue, like
https://community.letsencrypt.org/t/error-lets-encrypt-validation-status-400/99289

itngo:
We use both on the OPNsense, NGINX and HAProxy, because NGINX cannot do NTLM-Forward while HAProxy can.
So we use both to get the most secure configuration: NGINX with NAXSI for some websites and HAProxy for other websites.

Both are on different IPs and bindings. It is working, except for one Let's Encrypt cert which we created recently. This one cannot be issued and gives the so-called 400. However, it is configured exactly like about 45 other certs.

I know, 400 can mean everything or nothing. Had this in the past and it was just a matter of waiting some hours. But this is ongoing for days now...

muchacha_grande:
Maybe this fixes the problem:

https://forum.opnsense.org/index.php?topic=30656.msg148080#msg148080

Cheers
