No problem getting & renewing a LE cert in UTM's Certificate Management. Works great, lasts a long time ;)
Having a problem renewing my LE cert on the real web server behind WAF.
The virt profile for my real server is configured - Type: Encrypted (HTTPS) & redirect.
My LE log shows that when it does the http portion of the challenge
"url": "http://mydomain.com/.well-known/acme-challenge/XcPCjsRjZk__ATxYfZ_a24Yt-VFKey30cRS2recVpsL1GP2iTg"it fails with an invalid response.
My workaround is to enable a NAT rule on port 80 to my real server and then manually run the certbot renew on my real server.
For what it matters, my real server is a LEMP stack.
Is "Encrypted (HTTPS) & redirect" incompatible with LE renewals? (aka anyone else having this issue?)
Do I need to setup a separate profile for http to my real server?
Is this covered somewhere and I just don't know the right search terms?
My goal is to have my real server auto renew on it's own fully behind WAF.
This thread was automatically locked due to age.