[BlueOnyx:25969] Blueonyx 5210R - firewalld is blocking let's encrypt

Dirk Estenfeld dirk.estenfeld at blackpoint.de
Mon Feb 13 11:21:11 -05 2023


Hello,

On a machine with AlmaLinux 8 / BlueOnyx 5210R, activated firewalld and
packages fail2ban and Firewall this is the second time in a relatively short
period that Let's Encrypt has failed with a certificate renewal timeout:

[Mon Feb 13 03:49:33 CET 2023] www.domain.de:Verify error:123.456.78.90: Fetching http://www.domain.de/.well-known/acme-challenge/GT4WUNBge2I3GjR3GpDDmOBhIEF0sT2qCkwbO577c8w: Timeout during connect (likely firewall problem)

After a systemctl restart firewalld and a /etc/cron.daily/letsencrypt.cron
all previously failed LE certificates were successfully renewed.

Has anyone had this problem before? Any suggestions for solutions? Does
anyone know the IP addresses from which LE is trying to validate the URL so
that I can add them to the whitelist of Fail2ban and the firewall?

Best regards,

Dirk

blackpoint GmbH – Friedberger Straße 106b – 61118 Bad Vilbel 
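
The failure quoted in the post can be detected by scanning the renewal log for connect timeouts per domain. This is an added example, not part of the original post: it assumes log lines in the format quoted above, takes the log file as an argument because the post does not name its path, and uses constructed sample lines (example.org names, 192.0.2.10).

```bash
#!/usr/bin/env bash
# Added example: summarise ACME HTTP-01 connect timeouts in a renewal log.
# Assumed line format (taken from the one line quoted in the post):
#   [timestamp] <domain>:Verify error:<ip>: Fetching <url>: Timeout during connect (...)

# Constructed sample input (example.org names, documentation IP 192.0.2.10).
sample_log() {
    cat <<'EOF'
[Mon Feb 13 03:49:31 CET 2023] www.example.org:Verify error:192.0.2.10: Fetching http://www.example.org/.well-known/acme-challenge/TOKEN1: Timeout during connect (likely firewall problem)
[Mon Feb 13 03:50:02 CET 2023] shop.example.org:Verify error:192.0.2.10: Fetching http://shop.example.org/.well-known/acme-challenge/TOKEN2: Timeout during connect (likely firewall problem)
[Tue Feb 14 03:49:40 CET 2023] www.example.org:Verify error:192.0.2.10: Fetching http://www.example.org/.well-known/acme-challenge/TOKEN3: Timeout during connect (likely firewall problem)
[Tue Feb 14 03:51:00 CET 2023] mail.example.org:Verify error:192.0.2.10: Invalid response from http://mail.example.org/.well-known/acme-challenge/TOKEN4: 404
[Tue Feb 14 03:52:00 CET 2023] Cert success.
EOF
}

# acme_timeouts FILE   (use "-" to read standard input)
# Prints one tab-separated line per affected domain:
#   <domain>  <timeout count>  <timestamp of most recent timeout>
acme_timeouts() {
    awk '
        /Verify error:/ && /Timeout during connect/ {
            # Timestamp: text between the leading "[" and the first "]".
            ts = $0;  sub(/^\[/, "", ts);  sub(/\].*/, "", ts)
            # Domain: text between the timestamp and ":Verify error:".
            dom = $0; sub(/^\[[^]]*\] /, "", dom)
            sub(/:Verify error:.*/, "", dom)
            count[dom]++
            last[dom] = ts
        }
        END { for (d in count) printf "%s\t%d\t%s\n", d, count[d], last[d] }
    ' "$1" | sort
}

# Stand-alone use: pass a log file, or run without arguments for the sample.
if [ "$#" -gt 0 ]; then
    acme_timeouts "$1"
else
    sample_log | acme_timeouts -
fi
```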



 
