December 7, 20205 yr Hello everyone, I have the problem that I cannot request a certificate. I had a Test Unraid system running for quite a while, there I could request the certificate and everything worked. Now I have built my Unraid System and it does not work anymore. The address xxx.unraid.net also points to the old address of the Test System. How can I have the xxx.unraid.net point to my new ip? Thanks for the help Marzel
December 7, 20205 yr Hmm... it isn't exactly clear what state the system is in now. It may just be that you need to setup SSL on the new system. Go to Settings -> Management Access. If you have an Update DNS button, press that. It may take a few minutes for the DNS change to propagate. If you have a Provision or Renew button, press that. If you get a DNS rebinding error, wait a few minutes and try again. If none of this helps, please post a screenshot of the Management Access page along with your diagnostics (from Tools -> Diagnostics)
December 7, 20205 yr Author As you can see from my screenshots, Update DNS is grayed out and by clicking the Provision Button i get the error from the second screenshot. Diagnostics is attached. Can it be related to the USB stick? It is the same USB Stick as i used for the Test System, but cleared it and recreated it before using in the new System. Thank you for your Help Marzel jarvis-diagnostics-20201207-2149.zip Edited December 8, 20205 yr by Marzel
December 8, 20205 yr Is that 20.2.x.x IP address directly on the Internet? You should not do that, Unraid is not hardened to be placed directly on the Internet. Unraid should be behind a firewall with specific ports opened as needed.
December 8, 20205 yr OK that's good. So your trial had a 192.168.x.x IP address, is this now on a different network? Is there any DNS caching that you know of on your network? Is the 20.2.x.x IP address that you blanked out on the screenshot the correct IP of the server? Please PM me the xxxxxx.unraid.net address that you blanked out of the screenshot, I want to see if it resolves correctly for me
December 8, 20205 yr Author 192.168.x.x is now gone. I changed from 192.168.x.x to 20.2.x.x. and this is also the only rang i have in my network. The only DNS in my network is my Fritz!Box 6591. Yes the blanked ip is correct and i can access my unraid with it. PM with the xxxxxx.unraid.net is out.
December 8, 20205 yr OK your hash.unraid.net url still resolves to the original IP for me as well. It is possible that the solution only works with non-routable IPs, I'll see what I can find out. Along those lines... unless you actually own that 20.2.x.x IP range, I highly recommend you use one of the non-routable networks specified here: https://en.wikipedia.org/wiki/Private_network If you don't own 20.2.x.x, then somebody else does and it will cause networking issues down the road if you use it. Your original 192.168.x.x address is an example of a valid IP range for internal networks. Since you mentioned a Fritz Box, take a look at this for disabling rebinding protection: https://en.avm.de/service/fritzbox/fritzbox-7590/knowledge-base/publication/show/3565_FRITZ-Box-reports-Your-FRITZ-Box-s-DNS-rebind-protection-rejected-your-query-for-reasons-of-security/ This isn't exactly the problem you are up against at the moment, but it may come up
December 8, 20205 yr 51 minutes ago, ljm42 said: It is possible that the solution only works with non-routable IPs, I'll see what I can find out. That sounds reasonable to me, I can't think of a good reason to use a routable IP inside a private network unless you own the IP range, in which case you probably have your own DNS scheme in place and don't need to use Unraid's .net service.
December 8, 20205 yr Author i changed my ip range now to 10.2.x.x so that it should not be a problem any more. After that i tried the Provision again but same error. i also checked the avm link you sent and added the unraid.net and the complete hash.unraid.net to the "Host name exceptions:", then reboot the Fritz Box and again tried the Provision but no change, same error
Archived
This topic is now archived and is closed to further replies.