Let's encrypt help

Troubleshooting
1

Creating a bug report/issue

Required Information

  • DietPi version | cat /boot/dietpi/.version
  • Distro version | echo $G_DISTRO_NAME $G_RASPBIAN
  • Kernel version | uname -a
  • SBC model | echo $G_HW_MODEL_NAME or (EG: RPi3)
  • Power supply used | (EG: 5V 1A RAVpower)
  • SD card used | (EG: SanDisk ultra)

Additional Information (if applicable)

  • Software title | (EG: Nextcloud)
  • Was the software title installed freshly or updated/migrated?
  • Can this issue be replicated on a fresh installation of DietPi?
    ← If you sent a “dietpi-bugreport”, please paste the ID here →
  • Bug report ID | echo $G_HW_UUID

Steps to reproduce

  1. …new install
  2. …phpbb and let’s encrypt setup as usual
    Portal 80 and 443

Expected behaviour

  • …port connects ok
    Port 443 doesnt

Actual behaviour

Extra details

2

Hello,
you can connect via http but not via https? Did you get some error message when you try https?

3

Can you share listen ports

ss -tulpn | grep LISTEN
4

Listening on port 80 and 443
Port 80 works fine
Port 443 with SSL certificate doesn’t work
I had issues with loopback Wich is new this week only.solved it by using on a VPN on client machine
That worked for about a day then nothing worked.
So I followed this guide “https://certbot.eff.org/” and got it working again but I still have to use a VPN.
I’m with fizz ISP they never blocked loopback before.
Now my only issue is how to access within same network .do u have any tips I’m not sure but would reverse proxy work and how do I use it from dietpi saware list thanks for the response.

5

if using a VPN, you would not need SSL. The VPN connection is already encrypted, and SSL is not bringing any additional security. SSL makes sense if you don’t use a VPN connection.

Are you able to connect from extern using HTTPS + DDNS without any VPN?
Are you able to connect directly from intern using HTTPS + local IP?
Does port forwarding on your router has been setup correctly for 80 + 443?

6

Listening on port 80 and 443
Port 80 works fine
Port 443 with SSL certificate doesn’t work
I had issues with loopback Wich is new this week only.solved it by using on a VPN on client machine
That worked for about a day then nothing worked.
So I followed this guide “| Certbot and got it working again but I still have to use a VPN.
I’m with fizz ISP they never blocked loopback before.
Now my only issue is how to access within same network .do u have any tips I’m not sure but would reverse proxy work and how do I use it from dietpi saware list thanks for the response

7

Router ports r setup 80 and 443
I tried like u said without a VPN
And local IP with https and it does not work.
But if I use my phone mobile data instead of home network it connect fine and google says it’s secure with tls

8

Ok I can connect locally with IP and https but says it’s not secure google intercepted with a security warning I had to click proceed anyway for the site to open

9

Here is my address exrestv.duckdns.org/forum - Index page

10

Means it is working from extern

as expected, as the certificate is valid for your domain but no for an IP

OK the issue is: you are not able to access your DDNS from inside of your network, while accessing it from extern is working. Right.

This is an issue of your router. I have same on my router. Solution for me is to use an own DNS server inside my local network who redirect me internally.

11

I understand the concept make perfect sense.
I just don’t know how to create an Internal DNS.lol
Thanks for your help
I will look up how to do it on Google or do u have a guide for me

12

I use PiHole (available as DietPi software option) as internal DNS. It has the benefit of blocking Ads and resolving my DDNS internally.

13

Just realized that I can access it with port 80 http
Internally so DNS should be working fine correct

14

Still your router needs to forward/redirect you on port 443. Maybe that’s where the router is having a challenge with.