-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cloudflare DNS Lets Encrypt #120
Comments
I need this also. My ISP blocks port 80 |
What ISP is that? |
SuddenLink
They also block 25 as well as others. They are not willing to unblock for me.
Thanks,
From: ikifar2012 <notifications@github.com>
Sent: Friday, April 19, 2019 3:15 PM
To: jc21/nginx-proxy-manager <nginx-proxy-manager@noreply.github.com>
Cc: rudyberkvens <rudy@berkvens.us>; Comment <comment@noreply.github.com>
Subject: Re: [jc21/nginx-proxy-manager] Cloudflare DNS Lets Encrypt (#120)
What ISP is that?
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub<#120 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AF5DMUSGMFAFEXOFSFJSTL3PRIR43ANCNFSM4HGYXHMQ>.
|
Time for a new ISP ;) Do they block 443 as well? Check out #85 - it needs testing, you can pull the docker image for that PR and try |
Seems to be very common among residential ISPs. I wish there were other for me to pic from. No fortunately they leave 443 alone.
For now I’m manually requesting from https://www.sslforfree.com/ and importing into the proxy manager UI. It woks but not ideal.
From: jc21 <notifications@github.com>
Sent: Tuesday, April 23, 2019 4:25 PM
To: jc21/nginx-proxy-manager <nginx-proxy-manager@noreply.github.com>
Cc: rudyberkvens <rudy@berkvens.us>; Comment <comment@noreply.github.com>
Subject: Re: [jc21/nginx-proxy-manager] Cloudflare DNS Lets Encrypt (#120)
Time for a new ISP ;) Do they block 443 as well?
Check out #85<#85> - it needs testing, you can pull the docker image for that PR and try
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub<#120 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AF5DMUQYDHSPGDJDQAGOUFDPR55EJANCNFSM4HGYXHMQ>.
|
How do I go about testing this? I've pulled it but I don't know where to enter the the info for setting up dns requests via the cloudflare plugin. |
According to the guy who wrote the PR, once you've pulled it you need to have your dns settings done and then go and add request a new LE cert from within the application. There's no new UI options. |
Merged #85 |
hey @jc21 hpw do I use the dns challange |
The patch only tells letsencypt to search your dns settings for some authorization instead of inside the project via http. I personally don't use it but someone wanted it, made a PR, was told to test it and I didn't hear from them again so I merged it because it doesn't affect any pre-existing behavior. |
In order for Cloudflare to work you need a special package for certbot and it requires a cloudflare global API key |
@ikifar2012 I’ll work on this tonight and try to submit a PR for it. Currently I use Certbot to generate a wildcard and install it as a custom cert. |
FYI, it looks like Cloudflare posted a FAQ on this: https://support.cloudflare.com/hc/en-us/articles/214820528-Validating-a-Let-s-Encrypt-Certificate-on-a-Site-Already-Active-on-Cloudflare |
Is this working? I didnt see anything in the github wiki about it. I would love to use this but I need to have LetsEncrypt to auth with Cloudflare's DNS before I can switch over to it. |
I switched to using Let's Encrypt and NGINX Home Assistant SSL proxy add-ins in Home Assistant. These two together are working fine for me. Of course this wont help you if you are using this for something other than HA. |
I use HA but I also have about 15 other services running through my proxy. But I currently am unable to use this anyway, most of my services' ports are only opened to localhost and as far as I can tell, there is no way to have Nginx look at localhost of the parent machine and not the docker instance. So for now, implementing this is on hold. |
Please add the ability to do a DNS challenge for lets encrypt
The text was updated successfully, but these errors were encountered: