Port 80 of the firewall wasn’t opened during letsencrypt requests, even though all the settings are correct.
So I wrote the following script, which checks if the certificate needs renewal and if so opens port 80, renews the certificate and closes port 80.
root@asterix ~ # cat /etc/cron.daily/letsencrypt_fixed
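#!/bin/bash
# Certificate to check, and how many days before expiry to renew
CERT="/etc/asterisk/keys/$(hostname -f).crt"
DAYS=30
# -checkend exits 0 if the certificate is still valid DAYS from now
if openssl x509 -checkend $((DAYS * 86400)) -noout -in "$CERT" > /dev/null 2>&1; then
    exit 0
fi
# Open port 80, renew all certificates, close port 80 again
iptables -I INPUT -p tcp --dport 80 -j ACCEPT
fwconsole certificates --updateall
iptables -D INPUT -p tcp --dport 80 -j ACCEPT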
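
A variant of the script above, as an added example that is not part of the original post: it inserts the rule only when no identical rule exists, removes only the rule it inserted (also when the job is interrupted), and returns the renewal's exit status. The `IPTABLES` and `RENEW_CMD` overrides and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the poster's script. IPTABLES and RENEW_CMD are
# overridable (an assumption of this example) so the logic can be dry-run.
IPTABLES="${IPTABLES:-iptables}"
RENEW_CMD="${RENEW_CMD:-fwconsole certificates --updateall}"
RULE="INPUT -p tcp --dport 80 -j ACCEPT"
port_opened=0

# True when the cert expires within $2 days (or cannot be read at all).
cert_needs_renewal() {
    ! openssl x509 -checkend $(( $2 * 86400 )) -noout -in "$1" >/dev/null 2>&1
}

# Remove the temporary rule, but only if this script inserted it.
close_port() {
    if [ "$port_opened" -eq 1 ]; then
        port_opened=0
        $IPTABLES -D $RULE
    fi
}

renew_with_port_open() {
    rc=0
    # -C checks for an identical rule; if one exists, leave the ruleset alone.
    if ! $IPTABLES -C $RULE 2>/dev/null; then
        $IPTABLES -I $RULE || return 1
        port_opened=1
        # Close the port again if the job is interrupted mid-renewal.
        trap 'close_port; exit 1' INT TERM
    fi
    $RENEW_CMD || rc=$?
    close_port || rc=1
    trap - INT TERM
    return "$rc"
}

# Entry point: only act on a host that has fwconsole installed.
if command -v fwconsole >/dev/null 2>&1; then
    CERT="/etc/asterisk/keys/$(hostname -f).crt"
    if cert_needs_renewal "$CERT" 30; then
        renew_with_port_open
    fi
fi
```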