ACME - can't get certificates - new install

Started by BassT23, February 03, 2024, 07:46:33 PM

Hi @ll,

I'm new to OPNsense, but I want to use a good firewall with proxy support included.

For this I created an OPNsense VM in my Proxmox cluster setup.

Ports 80 and 443 are redirected to the WAN interface in the Internet router.
Ports 80 and 443 are open in the firewall.
A subdomain is created on Strato and redirected to the home IP.

For now I am trying the "easiest" way of use: replacing the OPNsense self-signed certificate with Let's Encrypt.

error:
[Sat Feb 3 19:11:01 CET 2024] Invalid status, opnsense.foobar.de:Verify error detail:xx.x.xx.xx: Invalid response from https://opnsense.foobar.de/?url=/.well-known/acme-challenge/neEJ8dxRnEJR0n9754foobarRqjAWjY7blTDjnEjlO0:

No error code for now, ...

How could I fix it?

It looks like you're using an HTTP-01 challenge type in ACME. I recommend using DNS-01, it is much more reliable.

@BassT23
Same issue. Domain hosted at Strato. http-challenge not working.
@fraenki
Strato does not support any "automatic" dns-01 challenge.
You have to enter a TXT entry manually every 3 months when renewing the LE certificates.
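
Added example, not part of the thread and not acme.sh or OPNsense code: an HTTP-01 check always starts at `http://<domain>/.well-known/acme-challenge/<token>`, so the URL named in the error line of the first post shows what the validation request turned into on its way to the host. The `diagnose` helper and its finding labels are hypothetical, and the regular expression assumes other error lines have the same shape as the one quoted above.

```python
import re
from urllib.parse import parse_qs, urlsplit

ACME_PREFIX = "/.well-known/acme-challenge/"  # fixed HTTP-01 path (RFC 8555)

# The error line quoted in the first post, joined into one string.
SAMPLE = (
    "[Sat Feb 3 19:11:01 CET 2024] Invalid status, opnsense.foobar.de:"
    "Verify error detail:xx.x.xx.xx: Invalid response from "
    "https://opnsense.foobar.de/?url=/.well-known/acme-challenge/"
    "neEJ8dxRnEJR0n9754foobarRqjAWjY7blTDjnEjlO0:"
)

# Assumption: the log line has the shape seen in the thread.
LINE_RE = re.compile(
    r"Invalid status, (?P<domain>[^:\s]+):Verify error detail:"
    r".*?Invalid response from (?P<url>https?://\S+?):?\s*$"
)


def diagnose(line):
    """Compare the URL the CA reports with the HTTP-01 starting URL.

    Returns None when the line is not a verify error of the assumed shape.
    """
    m = LINE_RE.search(line)
    if m is None:
        return None
    url = urlsplit(m.group("url"))
    findings = []
    if url.hostname != m.group("domain"):
        findings.append("host-changed")
    if url.scheme != "http":
        # Validation starts on port 80, so https here means a redirect happened.
        findings.append("redirected-to-https")
    if not url.path.startswith(ACME_PREFIX):
        findings.append("challenge-path-lost")
    # The challenge path showing up as a query value means a rewrite moved it.
    params = [v for vs in parse_qs(url.query).values() for v in vs]
    if any(v.startswith(ACME_PREFIX) for v in params):
        findings.append("challenge-path-in-query")
    return {"domain": m.group("domain"), "url": m.group("url"),
            "findings": findings}


if __name__ == "__main__":
    print(diagnose(SAMPLE))
```

For the line in the thread all three redirect findings fire: whatever answers on port 80 sends the request to the HTTPS root with the challenge path as a query parameter, so the token file is never served.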