I can not successfully setup SSL certificate using the letsencrypt tool (provided in my case with the NextCloudPi installation on a RaspberryPi). Are there alternatives to using letsencrypt? And how can I use them in the situation described below?
Within my home network, I have several RaspberryPi-Servers (currently, 18 devices). One of them, let’s call it RPi1, I use for our private home NextCloud service. I seamlessly setup an SSL certificate using the letsencrypt tool provided by the installation image.
Now, I want to use another server, RPi2, as a NextCloud server from within the same home network. From the internet, I registered a new NoIp domain name which results in the identical same IP address of my home router. So, the only way to tell which domain name is being targeted by a user is by using a different port number. My home router provides a port forwarding feature. As ports
80 are already used to lead incoming packages through to port
80 on my RPi1, I now have to choose different ports on the internet side. For example, I use port
64471 to be led through to port
80 and port
64472 to be led through to port
443 of my new RPi2.
Communication from the internet already works fine concerning RPi2, so that I am now able to use the NextCloud installation on my RPi2 machine. BUT: letsencrypt fails as my internet ports
64471 for HTTP (
64472 for HTTPS (
443) do not match the standard ports atleast on the outside of my home network. When connecting from the internet to the service on my RPi2, I get the typical insecurity warning. Which I want to avoid.
Is there a way to tell letsencrypt to “ignore” or alternatively to “set” a non-matching incoming internet port for the SSL certificate to be generated correctly? Or are there maybe other tools which handle these port mismatches transparently?