I encoutering a strange behavior using the .examples/docker-compose/with-nginx-proxy/postgres/fpm/docker-compose.yml or the apache one as well
i edited the files to match the right host name, mail addresse and choose my passwords.
And change the used ports to 8080:80 and 100443:443
All containers are starting up and letsencrypt sucessfully do the certification challenge.
But when i try to connect to my domain from my local network a message pops up telling my that the connection is not save since it a self signed certificate.
Then i tested from my phone using mobile data, i can connect to the server without a problem and the browsers tells my that my certificate is signed by letsencrypt.
Back to my PC i try https://mydomain.com:10443 which create a time out but, when i remove after this the port information it works in my browser .
I am using a fritzbox which should forward the trafic form 80 (since letsencrypt needs to use tcp 80) → to my server 8080 and 443 to 10443. It seems that this doesn’t work consistently has anybody an idea how to fix this?
Unfortunately i can’t use this workaround to get the client connected
In order for https://mydomain.com:10443 to work internally from your PC, you’d have to have some sort of split DNS setup (like a static DNS entry on your router or an entry in a hosts file… or something like that). The internal DNS entry for mydomain.com would point at your internal IP address for when you’re connecting from your internal LAN. You’d leave your public (external) DNS as-is.
That said, the self-signed message doesn’t make much sense. : Is there any chance you are connecting to a prior test setup or something? (You mentioned trying with Apache previously). Maybe you’ve still got some old Docker containers running?
Maybe step back and confirm your PC is resolving mydomain.com to the IP address you’d expect. Might also be worth trying a different browser because browsers these days do their own DNS caching.
i did some additional testing the problem is resolved.
When i allow dns rebind for my domain:443 and disable the DynDNS-Service from the FritzBox, which I wanted to use to automatically update the dns entries.
There are no other docker containers running i double checked this and it would fails since i used the same ports