linux
Sevastoporn, 2020-07-03 12:00:26

How do I get a Let's Encrypt FTP certificate and what ports do I need to open?

The FTP server outside has the ftp.mydomain.ru domain with open ports 20-21 and 45000-46000, all other ports are closed.

When running the command:

certbot certonly --standalone --agree-tos --email [email protected] -d ftp.mydomain.ru

Gives an error message:
Challenge failed for domain ftp.mydomain.ru
http-01 challenge for ftp.mydomain.ru
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:
- The following errors were reported by the server:

Domain: ftp.mydomain.ru
Type: connection
Detail: Fetching
ftp.mydomain.ru/.well-known/acme-challenge/hfENwda...
Timeout during connect (likely firewall problem)

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.


There is a DNS A record, and at the same time ftp.mydomain.ru resolves normally.

Is the command to obtain a certificate for FTP correct?
Is it necessary to open ports 80 and 443?

2 answers
Alexander Chernykh, 2020-07-03
@sashkets

I have DNS on Cloudflare, so I added the Cloudflare plugin to certbot
pip install certbot-dns-cloudflare --user
certbot plugins

* dns-cloudflare
...
* nginx
...
* standalone
...
* webroot

Now in /etc/letsencrypt we will create a cloudflare.ini file in which we specify
dns_cloudflare_email = [email protected]
dns_cloudflare_api_key = fr1sdeq2bf7621be94ca37c777859ee
certbot certonly --dns-cloudflare --dns-cloudflare-credentials /etc/letsencrypt/cloudflare.ini -d domain.tld -d "*.domain.tld"
The certificate is received; the rest is a matter of technique, done following https://4admin.info/automatically-renews-letsencry...
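The same DNS-01 flow as a small script, added here as an example and not the answerer's own commands: it keeps ports 80/443 closed on the FTP host, stores the Cloudflare credential with root-only permissions (the answer above writes a global API key into a plain ini file), and reloads the FTP daemon only when a new certificate is actually issued. Assumptions not taken from the page: a scoped Cloudflare API token (dns_cloudflare_api_token, Zone:DNS:Edit on the zone) instead of the global key, a systemd unit named vsftpd as a placeholder for whatever FTP daemon is in use, and a placeholder contact e-mail.

```shell
#!/bin/sh
# Added example: Let's Encrypt for an FTP host via the DNS-01 challenge
# (certbot-dns-cloudflare). No inbound HTTP is needed, so 80/443 stay closed.
# Assumptions (not from the original answer): a scoped Cloudflare API token,
# a systemd service name (vsftpd is a placeholder) and a placeholder e-mail.
set -eu

CREDS=${CREDS:-/etc/letsencrypt/cloudflare.ini}
FTP_SERVICE=${FTP_SERVICE:-vsftpd}        # placeholder service name
EMAIL=${EMAIL:-admin@example.com}         # placeholder contact address

# Create the credentials file readable by root only. The token grants write
# access to the zone's DNS, so it must never be group/world readable.
write_creds() {
    # $1 = path, $2 = API token
    ( umask 077; : > "$1" )               # create with 0600 from the start
    chmod 600 "$1"                        # also fix a pre-existing looser mode
    printf 'dns_cloudflare_api_token = %s\n' "$2" > "$1"
}

# Returns 0 when the credentials file is mode 0600 (portable: parse ls -l).
creds_mode_ok() {
    [ "$(ls -l "$1" | cut -c1-10)" = "-rw-------" ]
}

# Build the certbot invocation for DNS-01. The propagation wait gives the
# TXT record time to appear before validation; the deploy hook runs only
# when certbot actually issues or renews a certificate.
certbot_cmd() {
    # $1 = FQDN of the FTP host
    printf '%s' "certbot certonly --dns-cloudflare" \
        " --dns-cloudflare-credentials $CREDS" \
        " --dns-cloudflare-propagation-seconds 60" \
        " --agree-tos --non-interactive -m $EMAIL -d $1" \
        " --deploy-hook 'systemctl reload $FTP_SERVICE'"
}

main() {
    creds_mode_ok "$CREDS" || { echo "fix permissions: chmod 600 $CREDS" >&2; exit 1; }
    eval "$(certbot_cmd ftp.mydomain.ru)"
}

case "${1:-}" in run) main ;; esac
```

Renewal then needs nothing more than the standard certbot timer, since the DNS plugin and deploy hook are stored in the renewal configuration.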

Alexey, 2020-07-03
@Psypianino

Is it necessary to open 80?
Open port 80, you will get a valid certificate. Close the port.
