I followed the Let's Encrypt instructions but kept coming up with a server name mismatch despite verifying that the hostname and domain name were correct on the server. My setup is that I have a bare metal server running eve-ng with a private IP. The public IP is the one on my router facing my service provider.
My router is a Cisco 1800 series so initially I was doing a static nat for port 443 to my eve-ng server. Essentially port forwarding because the source and destination ports are the same.
Code: Select all
ip nat inside source static tcp private_ip 443 int fastethernet0 443
Certbot initially failed because it does a check first to port 80. I didn't have port 80 forwarded to my eve-ng server.
Code: Select all
ip nat inside source static tcp private_ip 80 int fastethernet0 80
Once I added that, I still got the name mismatch. The way I worked around that was by adding the line
Code: Select all
ServerName yourhost.yourdomain.something
line above the
line in /etc/apache2/sites-enabled/default-ssl.conf. Once I did that it passed certbots verification. All the rest of it went according to plan once I added that. Of course you replace yourhost.yourdomain.something with your actual fully qualified domain name. I hope this helps somebody.