noodle
December 13, 2019, 11:10pm
1
Hi, I am attempting to set up discourse on an ubuntu machine for first time. The intent is that the platform will only be accessible from within our company network, hence the IP address for the hostname registered with our DNS provider is an internal IP.
I am using instructions from https://www.howtoforge.com/tutorial/how-to-install-and-configure-discourse-forum-with-nginx-on-ubuntu-1604/
I have successfully bootstrapped and launched. However step 3 is failing (Generate SSL Letsencrypt) with following error:
Failed authorization procedure. (http-01): urn:ietf:params:acme:error:dns :: No valid IP addresses found for
nslookup on the machine can find the IP address from the hostname, and I can also ping the hostname
I think it has something to do with the fact the the IP address for the host is an internal address. I found this article but I’m not sure how to proceed. No valid IP addresses found for (my domain) - Help - Let's Encrypt Community Support
Remah
December 14, 2019, 1:30am
2
Let’s Encrypt needs to access the your IP address from the Internet.
The following topics/posts may help you:
If your server isn’t publicly accessible then Let’s Encrypt can’t verify that the DNS name resolves. If it were possible for servers to get Let’s Encrypt certificates without first verifying this, then all kinds of mischief would be possible.
Even if you can bodge this to temporarily get access and issue a certificate, it will fail for renewals.
VPN can’t help you here.
You’re going to need to either:
ask your university if they operate a Certificate Authority and can issue the server a cer…
https://meta.discourse.org/t/adding-a-dns-name-to-an-ip-based-install/102898/2?u=remah
You’ve skirted around answering my question somewhat.
Is there a valid public DNS record pointed at the public IP of the server? Are :80 and :443 externally accessible on that hostname and IP?
5 Likes