Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
ACME - can't get certificates - new install
« previous
next »
Print
Pages: [
1
]
Author
Topic: ACME - can't get certificates - new install (Read 953 times)
BassT23
Newbie
Posts: 6
Karma: 0
ACME - can't get certificates - new install
«
on:
February 03, 2024, 07:46:33 pm »
Hi @ll,
I'm new in opnsense, but I want to use a good firewall with proxy support included.
For this I create an opnsense VM into my Proxmox Cluster Setup.
Port 80 and 443 are redirected to Wan Interface in Internet Router.
Port80 and 443 are open in firewall.
subdomain is created on Strato and redirected to home IP
For now I try with the "eseast" way of use: replace the opnsense self signed certificate with Lets encrypt.
error:
[Sat Feb 3 19:11:01 CET 2024] Invalid status, opnsense.foobar.de:Verify error detail:xx.x.xx.xx: Invalid response from
https://opnsense.foobar.de/?url=/.well-known/acme-challenge/neEJ8dxRnEJR0n9754foobarRqjAWjY7blTDjnEjlO0
:
No error code for now, ...
How could I fix it?
Logged
fraenki
Full Member
Posts: 175
Karma: 29
Re: ACME - can't get certificates - new install
«
Reply #1 on:
February 07, 2024, 10:22:09 am »
It looks like you're using a HTTP-01 challenge type in ACME. I recommend to use DNS-01, it is much more reliable.
Logged
wagman77
Newbie
Posts: 11
Karma: 0
Re: ACME - can't get certificates - new install
«
Reply #2 on:
May 08, 2024, 06:39:23 pm »
@BassT23
Same issue. Domain hosted at Strato. http-challenge not working.
@fraenki
Strato does not support any "automatic" dns-01 challenge.
You have to enter an TXT entry manually every 3 month when renewing the LE Certificates.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
ACME - can't get certificates - new install