-
Where can I see the directory it tried to create that failed?
Erm… that'd be the one you configured (if you are talking about the local webroot method). If you did not configure any, no wonder it doesn't work.
-
a hint where this is configured would be much appreciated
-
In the same place where you select the method.
-
There's no field to configure a directory in pf version 2.3.2_1 and acme package 0.1.9
Also i don't think that configuring webroot is enough, from what i saw so far LE tryes to access a document over http, but there is no webserver listening on port 80 nor is there a firewall rule allowing access from LE to 80 over WAN.
would be great if the cert issue process ensures that LE is trying to access the document over 443 (if webif is on 443) and that there is a rule or even better open a temporary one if this is possible -
-
See attachement on how it looks on my pfsense
Do i use a broken template i'm not aware that i changed it, but i'm absolutely not sure
In the other thread you write "If someone really insists on using a local webroot."
I'm absolutely not insisting on it, but which is the prefered method to use?And many thank for helping and replying so quick!
 -
Click the + there.
-
oh boy, ok got it, many thanks
-
https://redmine.pfsense.org/issues/7237
-
doktornotor pointed to the method how to set it up with HAproxy whenthereisn'tawebserveronport80*
HOWEVER: The default nginx Webconfigurator, will also listen on port 80 when the "WebGUI redirect" is unchecked (System -> Advanced -> Admin Access)
Then, under the certificate under the Services -> ACME, select/edit/create the certificate, you select the webroot local, and then use /usr/local/www/.well-known/acme-challenge/
(See attachment)I suspect when I check that WebGUI redirect disable, then you could use the "standalone HTTP server" option…
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.