[44net] Re: LetsEncrypt SSL certificates for HTTPS within the 44net

Thanks chaps. I think I have it now. Would someone please try https://ni2o.ampr.org Also, with ths manual method do I have to renew the cert every 3 months? The acme/certbot tool will take care of that for you automatically. Not sure about the manual method though. I gave it some more thought and opted for individual certs fo the servers in the end. other .ni2o.ampr.org services will get SSL over the weekend. Mark / NI2O On Thu, Oct 30, 2025 at 8:53 AM Cory (NQ1E) &lt;cory(a)nq1e.hm&gt; wrote: > The actual problem depends on which error message you're getting. > > ampr.org doesn't seem to be opting out of certificate issuance with DNS > CAA records, so you should be able to get one. However, the HTTP validation > method will be the only one available to you. That means the machine you're > running the ACME client on will need to be able to accept incoming > connections on port 80 from the public Internet, at the IP address behind > your FQDN. > > > > On Thu, Oct 30, 2025, 05:10 Mark Phillips via 44net < > 44net(a)mailman.ampr.org&gt; wrote: > >> Hi Folks, >> >> I'm having some trouble trying to get LetsEncrypt SSL certificates >> authorised for use on my WWW devices. The issue seems to be that I do not >> have control of the TLD and so I can never authorise the issuing of >> the certificate. >> >> I've tried *.ni2o.ampr.org (generic catch all), fqdn.ni2o.ampr.org >> (device specific) and many other variations but they all fail at the >> authorizing of the cert. >> >> What am I doing wrong? I'm using LetEncrypt (free not-for-profit) SSL >> certificates successfully in other areas but i do control the domain for >> those. >> >> Thanks for your help >> >> Mark / G7LTT >> _______________________________________________ >> 44net mailing list -- 44net(a)mailman.ampr.org >> To unsubscribe send an email to 44net-leave(a)mailman.ampr.org >> >