The main problem that I’m facing is that my ISP blocks ports 80, 443 and 53. So, I can’t use HTTP verification using Let’s Encrypt. Is there any way to use DNS verification using dietpi-letsencrypt or do I have to use sudo certbot certonly --manual --preferred-challenges=dns -d example.com -d '*.example.com' to get the certificates manually? I guess there are some advantages using dietpi-letsencrypt, so I’m trying to use that but can’t find a DNS verification option.
In my router, I have port-forwarded port 8080 to port 80 and port 8443 to port 443, so if I visit port 8080 from outside, then the router will redirect to port 80 of my Raspberry Pi.
Now another thing which I could do is if somehow I can make certbot check for port 8080 instead of 80, but I don’t know how to achieve that either.
I’m using DuckDNS as my DDNS provider. Is there any solution to this?
In this case, you can’t use dietpi-letsencrypt and would need to look into acme-dns-certbot to issue a certificate manually without HTTP verification.
Thanks for your prompt help! So, as far as I understand, the difference would be that I have to manually renew my certificates after every 90 days. In case of dietpi-letsencrypt, it would have renewed my certificates automatically. Am I correct?
I have my domain issued by DuckDNS and then my own domain has a CNAME Record pointing to my DuckDNS domain. Should I get my SSL for my own domain or the DuckDNS one? I’m also having trouble setting up vaultwarden and nginx proxy.
I’m sorry if my comment feels silly but I’m very new to this. My Raspberry Pi has DietPi Dashboard and AdGuard Home running and I tried to set up Vaultwarden and nginx-proxy a couple of times but failed to do so. I do want to be able to access AGH and Vaultwarden from outside, like when I leave my home. And does nginx set up my SSL certificates or do Vaultwarden and AGH have them? Can you please guide me a bit?
The certificate should be used on the domain that is displayed in the web browser at the end.
Usually certificates are managed with NPM if using it as reverse proxy. That would be the place to handle them centrally. This way you don’t need any SSL / HTTPS setup on individual apps behind NPM. If I’m not mistaken, NPM is able to manage DNS challenge as well. Ahh, do you use Nginx Proxy Manager (NPM) or native Nginx web server?
I’m using the native nginx that’s available on dietpi-software on Raspberry Pi Zero. Since I’ve never used a reverse proxy before, I don’t know how to set it up. The documentation feels confusing as well, as I couldn’t do anything after tinkering with my RPI for 2 weeks.
Probably in your case, the Nginx Proxy Manager application (Docker based) might be a better choice for you, as it will give a graphical interface to manage certificates and proxy destinations.
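
On the DNS verification and renewal questions raised in this thread: the following is an added example, not code from any poster, DietPi or acme-dns-certbot. It is a certbot manual hook that publishes the DNS-01 TXT value through the DuckDNS update API, so a certificate for a duckdns.org name can be issued and renewed without ports 80/443. The `DUCKDNS_TOKEN` variable name and the 30-second wait are assumptions; a name on your own domain would need its `_acme-challenge` record handled at that domain's DNS instead.

```python
#!/usr/bin/env python3
# Added example: certbot manual auth/cleanup hook for a duckdns.org name.
import os
import re
import sys
import time
import urllib.parse
import urllib.request

DUCKDNS_UPDATE = "https://www.duckdns.org/update"


def duckdns_label(certbot_domain):
    """Return the DuckDNS subdomain label that owns the name certbot validates."""
    name = certbot_domain.lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]
    if not name.endswith(".duckdns.org"):
        raise ValueError("not a duckdns.org name: " + certbot_domain)
    # DuckDNS keys records by the label directly left of duckdns.org.
    label = name[: -len(".duckdns.org")].split(".")[-1]
    if not re.fullmatch(r"[a-z0-9-]+", label):
        raise ValueError("unexpected label: " + label)
    return label


def build_url(label, token, validation, clear=False):
    """Build the TXT update request; the URL embeds the token, so never log it."""
    params = {"domains": label, "token": token, "txt": validation}
    if clear:
        params["clear"] = "true"
    return DUCKDNS_UPDATE + "?" + urllib.parse.urlencode(params)


def main(mode):
    # CERTBOT_DOMAIN / CERTBOT_VALIDATION are set by certbot for manual hooks.
    # DUCKDNS_TOKEN is an assumed variable name; keep it in a root-only file.
    label = duckdns_label(os.environ["CERTBOT_DOMAIN"])
    url = build_url(label, os.environ["DUCKDNS_TOKEN"],
                    os.environ["CERTBOT_VALIDATION"], clear=(mode == "cleanup"))
    with urllib.request.urlopen(url, timeout=30) as resp:
        body = resp.read().decode().strip()
    if not body.startswith("OK"):
        sys.exit("DuckDNS rejected the TXT update")  # response is OK or KO
    if mode == "auth":
        time.sleep(30)  # assumed wait so the TXT record is visible to the CA


if __name__ == "__main__":
    main(sys.argv[1] if len(sys.argv) > 1 else "auth")
```

Pass the script to certbot with `--manual-auth-hook "<script> auth"` and `--manual-cleanup-hook "<script> cleanup"`; certbot stores the hooks in the renewal configuration, so `certbot renew` can rerun them unattended.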