I’ve created an SSL certificate using LetsEncrypt. I needed to temporarily redirect port 80 on my router to my HA server to do it. I now need to renew the certificate, but if I try to use the following command:
certbot renew --quiet --no-self-upgrade --standalone --preferred-challenges tls-sni-01 --tls-sni-01-port 8123 --pre-hook "sudo docker stop home-assistant" --post-hook "sudo systemctl start home-assistant"
…I get this error:
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. Attempting to renew cert (mydomain.ddns.net) from /etc/letsencrypt/renewal/mydomain.ddns.net.conf produced an unexpected error: Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.. Skipping. All renewal attempts failed. The following certs could not be renewed: /etc/letsencrypt/live/mydomain.ddns.net/fullchain.pem (failure)
Is there any way of renewing my SSL cert without having to redirect port 80 to my HA server?
I’m running HA core v2021.7.4 in a Docker container on a Lubuntu VM. I have installed the Certificate Expiry integration but it has always shown this error in the HA console:
! Retrying setup: Connection timeout with server: mydomain.ddns.net:443
I have port 443 forwarded to my HA server, but that doesn’t seem to help.