Meshcentral: Problem due to disabling LetsEncrypt if redirect port is not 80
On CentOS (and perhaps other Linux distros) a service cannot use a port less than 1024 without non-standard configuration. However, it is easy to configure the firewall to redirect, say 80 to 8080, and then set MeshCentral to use 8080 as its redirect port. This causes letsdebug to work fine but MeshCentral will at present not enable LetsEncrypt because the redirect port is not 80. Please change the behaviour to give a warning not an error if LetsEncrypt is enabled with a redirect port which is not 80 so that MeshCentral can be configured as a service using the method described.
sebtombs
All 4 comments
In the settings section of the config.json, put these two lines:
"RedirPort": 8080,
"RedirAliasPort": 80
This will tell MeshCentral that you want to bind on 8080, but are really using port 80 and Let's Encrpt should accept this. Let me know if it works.
Ylianst
on 24 Jan 2020
I will close this since I am pretty sure "RedirAliasPort" works for this. Please re-open if needed.
Ylianst
on 26 Jan 2020
Sorry for the delay in responding. In which version was RedirAliasPort added please? It is not working for me but I haven't updated since early November
sebtombs
on 27 Jan 2020
It was added a long time ago, however, Let's Encrypt did a breaking protocol change that requires GreenLock v3 to get certificates and so, you may need to update because of this. The breaking change was required at the start of December.
Ylianst
on 28 Jan 2020
Related issues
petervanv
路
3Comments
robclay
路
3Comments
LPJon
路
3Comments
unguzov
路
3Comments
penguinthingie
路
4Comments
Most helpful comment
In the settings section of the config.json, put these two lines:
This will tell MeshCentral that you want to bind on 8080, but are really using port 80 and Let's Encrpt should accept this. Let me know if it works.