Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    acme /usr/local/www/.well-known/acme-challenge/, Port: 80

    Scheduled Pinned Locked Moved Russian
    4 Posts 2 Posters 862 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      inkoff
      last edited by

      /usr/local/www/.well-known/acme-challenge/, Port: 80
      /usr/local/www/.well-known/acme-challenge/, Port: 443
      /usr/local/www/.well-known/acme-challenge/

      Вот такие записи в настройке сертификатов acme.
      Причем, те что с портом - обновляются при отключеном HaProxy.
      А те что без порта - получаю ошибку "error: authorization must be pending"

      Подскажите, что может быть?

      werterW 1 Reply Last reply Reply Quote 0
      • werterW
        werter @inkoff
        last edited by werter

        @inkoff
        И acme и haproxy слушают один порт?
        вариант со standalone server рассматривали?

        есть еще вариант с lua-скриптом
        https://docs.netgate.com/pfsense/en/latest/packages/acme/settings-validation.html

        Webroot Local Folder
        This method works similar to FTP Webroot but with the files hosted on the firewall itself. This method cannot be utilized by the WebGUI web server as that would mean exposing the GUI to the Internet, which is a major security issue.

        This method can, however, be used in conjunction with the HAProxy package to host the files on the firewall itself in some circumstances. See https://forum.netgate.com/post/677786 for details.

        Важно.
        Использовать для вебки пф НЕСТАНДАРТНЫЕ порты (11080 и 11043, напр) и отключить web gui redirect.

        I 2 Replies Last reply Reply Quote 0
        • I
          inkoff @werter
          last edited by

          @werter said in acme /usr/local/www/.well-known/acme-challenge/, Port: 80:

          вариант со standalone server рассматривали?

          в процессе

          1 Reply Last reply Reply Quote 0
          • I
            inkoff @werter
            last edited by

            @werter попробую ваше предложение

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.