ACME(standalone) HAProxy stopped working!
-
I had set up ACME with HAProxy and a standalone server for my LetsEncrypt certificates in early 2020 using pfSense 2.4.4. It worked fine; the last certificate update was at the end of March 2021.
I now get a message during renewal that LetsEncrypt cannot reach FQDN/.well-known/acme-challenge/***.
My setup is
HAProxy with a frontend with 2 backends.
- passing to internal webserver.
- passing to 127.0.0.1 port 55088
The frontend has an error page showing maintenance
The standalone server in ACME points to 127.0.0.1 port 55088
No change made to ACME and HAproxy configuration other than adding a domain name or 2 to the certificate.
When I type the FQDN, I get my web server redirected to https.
When I use FQDN/.well-known/acme-challenge I get the Maintenance page.
I understand that the webserver is only started during the update process. Where can I see that it actually started during the update process?
Current version numbers
PfSense 2.5.1
ACME 0.6.9_3
HAPROXY 0.61_1
Has something changed in the ACME / HAProxy client after March 2021?
Thanks
-
@jackus Ok, solved it myself.
It seems that you cannot use 127.0.0.1 anymore for the acme backend.
I changed the backend to the LAN IP address and all worked again.
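
The setup discussed in this thread, sketched as an HAProxy configuration. This is an added example, not the poster's configuration and not the file pfSense generates. The frontend, backend and server names, the error file path and both 192.168.1.x addresses are constructed placeholders; only the challenge path and port 55088 come from the thread.

```haproxy
# Frontend on port 80: ACME HTTP-01 challenge requests go to the standalone
# listener, everything else goes to the internal web server.
frontend fe_http
    bind :80
    mode http
    # Custom maintenance page (hypothetical path), returned for any 503.
    errorfile 503 /usr/local/etc/haproxy/maintenance.http
    # Match only the challenge path so nothing else reaches the ACME backend.
    acl is_acme path_beg /.well-known/acme-challenge/
    use_backend be_acme if is_acme
    default_backend be_web

# ACME standalone listener on the firewall itself.
# The standalone listener only runs during a renewal, so outside a renewal
# this backend has no reachable server and HAProxy answers 503, which is
# the maintenance page configured above.
backend be_acme
    mode http
    # Before: loopback address, which stopped working for the poster.
    # server acme_standalone 127.0.0.1:55088
    # After: the firewall's LAN address (placeholder), same port.
    server acme_standalone 192.168.1.1:55088

# Internal web server (placeholder address).
backend be_web
    mode http
    server web1 192.168.1.20:80
```

During a renewal, `sockstat -4 -l -p 55088` in a pfSense shell lists the listening socket and the address it is bound to, which shows whether the standalone server started and whether the backend address can reach it.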