Need assistance in private beta... about lego HOT 10 CLOSED

Is there an active proxy listening on port 80 which forwards traffic to the opt port 10443 you told lego to bind to?

LE will try to access your server on port 80 for HTTP-01.

from lego.

damn thank you. I hoped I would be able to use a different port than either 80/443. It sucks to disable the nginx to update the certificates.

But it works now, awesome =)

from lego.

You don't have to disable nginx. That's what the optPort is for. You could just add a temporary proxy directive to the nginx config to pass all traffic on the path /.well-known/acme/ to port 10443. :)

from lego.

let me try this. Thanks for the support! :-)

from lego.

No problem. I know that this is kind of a convoluted way to work around nginx at the moment but as soon as we merge #32 and #16 we are able to put the token into the nginx webroot to let nginx serve it.

from lego.

its also hard to find that workaround in the first place.

You probably have to read the whole spec get which folder to proxy.

from lego.

I agree. I should probably improve the documentation on what optPort is for.

from lego.

Thanks for the awesome project btw.

from lego.

My pleasure :)

from lego.

Just for the record, that's the nginx proxy i used:

      location /.well-known/acme-challenge/ {
                proxy_ssl_session_reuse off;

                proxy_set_header        X-Forwarded-Proto $scheme;
                add_header              Front-End-Https   on;
                add_header Strict-Transport-Security "max-age=31536000";

                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $remote_addr;
                proxy_set_header Host $http_host;

                proxy_pass http://172.17.42.1:9999;
       }

Thanks again :D

from lego.