[Solved] Self-signed certificate makes my server not reachable over internet

ℹ️ Support 📦 Appliances (Docker, Snappy, VM, NCP, AIO)
1

I have successfully installed nexcloud snap (19.0.1) and gotten it to work online.
Do to limitations of my ISP I could not use port 80 so I rerouted port 80 to 81 in my router and that allowed me to access the server by entering:
myexternalipaddress:81

however since lets-encrypt must be on port 80, my best option is to go with a self-signed signature for now.

Using the command:
sudo nextcloud.enable-https self-signed
I was able to generate a certificate, however after doing that I can only access my server through my local network and not from my public ip.
myexternalipaddress:81 Just gives me “This site can’t be reached” error.

When I run the command sudo nextcloud.disable-https
It works again.

I am guessing this has something to do with ports but I could be wrong.

2

You can get a Letsencrypt certificate using dns or http verification.

sudo certbot -d your.domain.tld --manual --preferred-challenges dns certonly

3

hi @chillon

normal is the https port 443 did you move it to another port and tell the webserver that as well? And do you let this port through your firewall?

4

I tried will port 443 and it worked with my local IP but still no luck on my router. But that gave me the idea to rout port 443 to 444 in my router, and that did the trick!
My ISP must also be using port 443.

Now when I use https://externalipaddress:444 I am able to get to my server from the web.
I still get the untrusted certificate warning, but thats not a huge deal.
Thanks for the help :smile:

1 Like