I’m running YunoHost in a virtual machine; the main machine is redirecting all HTTP traffic with Caddy and enabling automatic encryption, so I didn’t have to bother about creating Let’s Encrypt certificates with YunoHost.
But for IMAP and SMTP access, since the traffic doesn’t pass through Caddy, I get the alert about the self-signed certificate.
So I tried to create a Let’s Encrypt certificate with YunoHost, but I get the following error:
Info: Now attempting install of certificate for domain mysite.org!
Info: Parsing account key...
Info: Parsing CSR...
Info: Registering account...
Info: Already registered!
Info: Verifying mysite.org...
Error: Wrote file to /tmp/acme-challenge-public/averrrrryyyylloooonnngggstringggg, but couldn't download http://mysite.org/.well-known/acme-challenge/averrrrryyyylloooonnngggstringggg
Warning: Debug information:
 - domain ip from DNS myIP
 - domain ip from local DNS myIp
 - public ip of the server myIp
Warning: Debug information:
 - domain ip from DNS myIp
 - domain ip from local DNS myIp
 - public ip of the server myIp
Error: Certificate installation for mysite.org failed !
Exception: [Errno 22] Signing the new certificate failed
Info: The operation 'Install Let's encrypt certificate on 'mysite.org' domain' has failed ! To get help, please share the full log of this operation using the command 'yunohost log display date-letsencrypt_cert_install-mysite.org --share'
It seems that the file /tmp/acme-challenge-public/averrrrryyyylloooonnngggstringggg needs to be accessible from the outside, maybe to sign the certificate, I guess. Should I do this? Is it enough to make a temporary redirection from Caddy to the YunoHost VM for this URL to have it working? Or is it more than a one-time action?
Is there any better way to solve this issue?