-
I get: NET::ERR_CERT_AUTHORITY_INVALID when i use browser to go to the URL. |
Beta Was this translation helpful? Give feedback.
Replies: 9 comments
-
Container version, configuration used, logs ? |
Beta Was this translation helpful? Give feedback.
-
How do I access logs & what do you mean by "configuration"? I cloned and ran it per the instructions. Our server names are as follows: Also, saw this warning on the project page, does this have anything to do with it? |
Beta Was this translation helpful? Give feedback.
-
Now I am getting:
docker ps returns:
I am following these instructions, here:
|
Beta Was this translation helpful? Give feedback.
-
Hi, By container version I meant: what version of the letsencrypt companion container are you using (did you build it from the cloned repo, did you pull it from Dockerhub, and if pulled from Dockerhub did you use a tagged version / which one or did you pull I'll need you to copy paste the exact, whole command line or compose file you used to run the whole stack ( Containers logs will also be needed to see what's happening inside the containers. You can get logs from a container with
If you used the two containers setup yes, if you used the three containers setup no, as it only affect the "standalone" |
Beta Was this translation helpful? Give feedback.
-
This is not a proper publicly reachable domain name and just not a proper domain name at all, I'm not sure if nginx-proxy works with those (doubt it) and you certainly can't obtain certificate from Let's Encrypt (or any other CA for that matter) with this. |
Beta Was this translation helpful? Give feedback.
-
Is there a way to do it for internal sites, like:
|
Beta Was this translation helpful? Give feedback.
-
Let's Encrypt, as every other CA, is not meant to obtain and won't deliver certificates for non public domains. See https://www.globalsign.com/en/blog/certificates-for-internal-servers/ for more information. This is a Globalsign doc but It explains why no CA can deliver certificates for non public domains and what your options are. Creating you own ACME CA with |
Beta Was this translation helpful? Give feedback.
-
I took the liberty to rename your issue so that other people in the same case might find answers more easily. |
Beta Was this translation helpful? Give feedback.
Let's Encrypt, as every other CA, is not meant to obtain and won't deliver certificates for non public domains. See https://www.globalsign.com/en/blog/certificates-for-internal-servers/ for more information. This is a Globalsign doc but It explains why no CA can deliver certificates for non public domains and what your options are.
Creating you own ACME CA with
boulder
is indeed possible and will work with this container (this is pretty much what we're doing in the test suite). Please go to https://github.com/letsencrypt/boulder if you need help withboulder
.