I’m running YunoHost in a virtual machine; the main machine is redirecting all HTTP traffic with Caddy and enabling automatic encryption, so I didn’t have to bother about creating Let’s Encrypt certificates with YunoHost.
But to have IMAP and SMTP access, since that traffic doesn’t pass through Caddy, I get the alert about the self-signed certificate.
So I tried to create a Let’s Encrypt certificate with YunoHost, but I get the following error:
Info: Now attempting install of certificate for domain mysite.org!
Info: Parsing account key...
Info: Parsing CSR...
Info: Registering account...
Info: Already registered!
Info: Verifying mysite.org...
Error: Wrote file to /tmp/acme-challenge-public/averrrrryyyylloooonnngggstringggg, but couldn't download http://mysite.org/.well-known/acme-challenge/averrrrryyyylloooonnngggstringggg
Warning: Debug information:
- domain ip from DNS myIP
- domain ip from local DNS myIp
- public ip of the server myIp
Warning: Debug information:
- domain ip from DNS myIp
- domain ip from local DNS myIp
- public ip of the server myIp
Error: Certificate installation for mysite.org failed !
Exception: [Errno 22] Signing the new certificate failed
Info: The operation 'Install Let's encrypt certificate on 'mysite.org' domain' has failed ! To get help, please share the full log of this operation using the command 'yunohost log display date-letsencrypt_cert_install-mysite.org --share'
It seems that the file /tmp/acme-challenge-public/averrrrryyyylloooonnngggstringggg needs to be accessible from the outside to maybe sign the certificate, I guess. Should I do this? Is it enough to make a temporary redirection from Caddy to the YunoHost VM with this URL to have it working? Or is it more than a one-time action?
Is there any better way to solve this issue?