Troubleshooting SSL Certificate Issuance with Let's Encrypt
Hello,
I’m encountering an issue while attempting to issue an SSL certificate using Let’s Encrypt.
With my firewall enabled, the certificate issuance process fails because it cannot identify the “authoritative” domain of my website. However, when I temporarily disable the firewall and retry, the certificate is issued successfully.
I suspect something in my firewall configuration is blocking the process, but I’m not sure where to start.
- How can I determine what might be causing the blockage in my firewall?
- Are there any tips or tools I can use to validate and troubleshoot this issue effectively?
Thank you in advance for your guidance.
Best regards,
-
Hey there! With the firewall enabled, are you able to make outbound connections over 53, 80, and 443? I would expect those ports to function for outbound connections as well so the DNS checks and SSL checks can be performed.
0 -
Yes! The doors 53, 80 and 443 are open.
Is there any other configuration that I would need to pay attention to? Our logs are not able to find anything that is explicit about this blockage.0 -
As a test, are you able to connect to an external nameserver? Something like :
telnet c.cpanel.net 53
would be a valid test.
0 -
Yes, I can telnet normally.
0 -
Thanks for that information - I'm honestly not sure as intodns.com is not reporting any issues for your domain's DNS configuration.
At this point it would be best to create a ticket so this can be investigated directly on the server.
0 -
Got it!
Well, I thought it could be a simple solution, since the certificate is issued when the firewall is inactive!
I'll open a ticket as you advised!
Thank you for your attention;0 -
Which firewall are you using? Is it CSF or something else?
0 -
CSF and Imunify 360
0 -
If the issue happens with the firewall off then the problem wouldn't be related to cPanel. However, we may be able to help find the specific firewall setting that is causing the issue, even if we can't make the adjustment for you.
0
Please sign in to leave a comment.
Comments
9 comments