Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
kdavidk
New Contributor II

Allow Certbot ssl cert renewal for server

Hi all,

 

i have a server that cant be accesible from the internet.

Based on this i have a letscrypt ssl cert renewal ussue and the logs shows that there are firewall errors.

 

When i disable blocking rules, it updates itself ina moment without any issue.

 

How can i solve this issue to have ssl autoupdates working and dont have an acces from the internet to servers?

 

Thanx

 

1 REPLY 1
ebilcari
Staff
Staff

If there is no access from internet to the server, you can try the "DNS-01 challenge" from letsencrypt. You have to make some changes in the DNS manager or use some API to automate it (major part of them support it now). https://letsencrypt.org/docs/challenge-types/

 

or you can consider to allow access from the internet to the server, only from the source IPs of letsencrypt servers.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
Top Kudoed Authors