Letsencrypt installation issues

JDunphy
Outstanding Member
Posts: 901
Joined: Fri Sep 12, 2014 11:18 pm
Location: Victoria, BC
ZCS/ZD Version: 9.0.0_P39 NETWORK Edition

Re: Letsencrypt installation issues

Post by JDunphy »

This is how we do it with acme.sh, which is the script I use, but if we wanted to use your http-01 method, the arguments would be as below. Notice: it is a little clearer that the script is also the webserver, given that --standalone.

acme.sh --issue --standalone -d mail.example.org -d mail.example.com -d mail.example.net

Which brings up an important point... any port below 1024 requires root or the socket call will fail... So make sure you are running that certbot as root so it can bind to port 80.

Ref: https://unix.stackexchange.com/questions/16564/
Rony
Posts: 45
Joined: Fri Jan 27, 2017 3:50 pm
Location: Canada-Montreal
ZCS/ZD Version: Zimbra 9.0.0_GA_4174

Re: Letsencrypt installation issues

Post by Rony »

Hi Jim,
I feel frustrated and stupid. I have spent hours on the phone earlier with my ISP to realize they have in fact blocked port 80 a few months ago despite a professional contract with a fixed IP address.
It had to be escalated to discover that information! So the issue was not on my side as I thought and after my time being wasted, I had no choice but to call again and cancel my contract.
I want to thank you again for your time and I am sorry.
I will try all over again in a week when I will be with a new ISP.

Re: Letsencrypt installation issues

Post by JDunphy »

Rony wrote:
> Hi Jim,
> I feel frustrated and stupid. I have spent hours on the phone earlier with my ISP to realize they have in fact blocked port 80 a few months ago despite a professional contract with a fixed IP address.
> It had to be escalated to discover that information! So the issue was not on my side as I thought and after my time being wasted, I had no choice but to call again and cancel my contract.
> I want to thank you again for your time and I am sorry.
> I will try all over again in a week when I will be with a new ISP.

No worries... A good practice is learning to telnet into port 80 from an external location to verify this yourself. That catches these problems pretty quickly. This type of blocking happens from time to time... port 25 is often initially blocked on some low cost cloud providers until you request they remove the fw rule after host provisioning. I seem to remember a particularly bad ISP in Illinois that thought it was fun to keep their users guessing with randomly blocking SMTP/IMAP/POP3 ports which generated phone calls to our support lines that our services were down. Pretty common to experience this from time to time and it won't be your last.

ref: https://wiki.zimbra.com/wiki/Simple_Tro ... nd_Openssl
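
The two checks that come up in this thread (can the process bind port 80, and is port 80 reachable from outside), as an added Python example that is not part of any post here or of acme.sh or certbot. The function names `check_bind` and `probe` are made up for this example, and `mail.example.org` is the placeholder hostname from the command earlier in the thread.

```python
"""Preflight checks for an http-01 standalone run (added example)."""
import errno
import socket


def check_bind(port=80, host="0.0.0.0"):
    """Run ON the mail server: can this process listen on `port`?"""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    # Ignore leftover TIME_WAIT sockets; a live listener still conflicts.
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    try:
        s.bind((host, port))
        return "ok"
    except OSError as e:
        if e.errno == errno.EACCES:
            return "permission-denied"  # port < 1024 and not root
        if e.errno == errno.EADDRINUSE:
            return "in-use"             # another server already holds the port
        raise
    finally:
        s.close()


def probe(host, port=80, timeout=5.0):
    """Run from an EXTERNAL host: scripted form of `telnet host 80`."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"    # host answered, nothing is listening
    except socket.timeout:
        return "filtered"   # packets dropped (firewall or ISP block)
    except OSError as e:
        return f"error: {e.strerror or e}"


if __name__ == "__main__":
    import sys
    # Placeholder hostname; pass your own as the first argument.
    name = sys.argv[1] if len(sys.argv) > 1 else "mail.example.org"
    print("bind :80 ->", check_bind(80))
    print(f"probe {name}:80 ->", probe(name, 80))
```

Run `check_bind` on the server and `probe` from a machine outside your network. A `filtered` result from outside while the port binds fine locally points at blocking somewhere upstream rather than at the server.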