Hi,
I’m having troubles configuring server firewall for Certify to work…
My server (where my web application is hosted) security requirement is that connection from that server to outside resources must be configured in firewall so that connection to only specific addresses can be made. Other connection attempts are blocked.
Few months ago I’ve successfully configured firewall to allow addresses for Certify to work with these firewall exceptions:
https://api.certifytheweb.com/
https://acme-v02.api.letsencrypt.org/
And IP address:
104.81.124.27:443
But now certificate renewal process fails because instead of previous IP address it tires to call 23.64.234.181:443.
2019-06-07 13:08:29.313 +03:00 [ERR] BeginCertificateOrder: error creating order. Retries remaining:1 :: System.Net.Http.HttpRequestException: An error occurred while sending the request. —> System.Net.WebException: Unable to connect to the remote server —> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 23.64.234.181:443
So my question is:
Is there a list of these IP addresses that may be required for Certify certificate renewal process to complete?
Can I somehow specify which one to use or configure some kind of single proxy?