What needs to be open in firewall to allow app to work?

I have the certifytheweb app installed on Windows Server 2025.
The server is behind a firewall that gives it no outgoing internet access (which is best practice, I’m being told).

Obviously this means the app isn’t able to do anything.
We asked the team managing the firewall to do this (based on what Google Gemini suggested):

## Outbound Firewall Rules (Egress)

You must allow the **Certify.Service.exe** (usually located in `C:\Program Files\CertifyTheWeb\`) to communicate with the following destinations over **TCP Port 443 (HTTPS)**:

|**Destination Domain**|**Purpose**|
| --- | --- |
|`acme-v02.api.letsencrypt.org`|To communicate with the Let's Encrypt API for cert issuance.|
|`api.certifytheweb.com`|To check for app updates and manage your license.|
|`*.identrust.com` & `*.isrg.trustid.ocsp.identrust.com`|For OCSP (Certificate Revocation) checks and chain validation.|

However, with that applied, it still fails at the point of registering the ACME account via Let’s Encrypt. It just tries and eventually fails with "failed to communicate with the certificate authority, check status and ensure system can make outgoing https requests".

Is there a set list of URLs/domains that the app needs to be able to communicate with? Incoming HTTP and HTTPS is already set up, so it’ll be the outgoing rules that need adjusting.

I can’t see anywhere that has logs that detail what caused the failure.
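
A staged connectivity check for the two concrete hostnames in the table above, as an added example that is not part of the original post: it reports whether DNS resolution, the TCP connection on port 443, or the TLS handshake is the step that fails. The function name `Test-EgressStage` and the 5-second timeout are assumptions made for this example.

```powershell
# Added diagnostic example. Host names are the concrete entries from the table
# in the post; wildcard entries cannot be probed directly and are omitted.
$targets = @(
    'acme-v02.api.letsencrypt.org',
    'api.certifytheweb.com'
)

# Test-EgressStage is a hypothetical helper name used only in this example.
function Test-EgressStage {
    param([string]$HostName, [int]$Port = 443, [int]$TimeoutMs = 5000)

    $result = [ordered]@{
        Host = $HostName; Dns = $null; Tcp = $false; Tls = $false
        Issuer = $null; Error = $null
    }
    $client = $null; $ssl = $null
    try {
        # Stage 1: DNS. Allowing TCP 443 does not help if name resolution is blocked.
        $addrs = [System.Net.Dns]::GetHostAddresses($HostName)
        $result.Dns = ($addrs | ForEach-Object { $_.IPAddressToString }) -join ','

        # Stage 2: TCP connect, bounded by a timeout so dropped packets do not hang.
        $client = New-Object System.Net.Sockets.TcpClient
        $task = $client.ConnectAsync($HostName, $Port)
        if (-not $task.Wait($TimeoutMs)) { throw "TCP connect timed out after $TimeoutMs ms" }
        $result.Tcp = $true

        # Stage 3: TLS handshake with default certificate validation.
        # An unexpected issuer or a validation error here points at TLS inspection.
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false)
        $ssl.AuthenticateAsClient($HostName)
        $result.Tls = $true
        $result.Issuer = $ssl.RemoteCertificate.Issuer
    }
    catch {
        # Record the innermost exception so the failing stage is visible.
        $result.Error = $_.Exception.GetBaseException().Message
    }
    finally {
        if ($ssl) { $ssl.Dispose() }
        if ($client) { $client.Dispose() }
    }
    [pscustomobject]$result
}

$targets | ForEach-Object { Test-EgressStage -HostName $_ } | Format-List
```

Run it on the server itself. If the firewall rule is scoped to the `Certify.Service.exe` program path rather than to destinations, traffic from PowerShell will not match that rule, so a failure here may not reflect what the service sees.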