Marzel Posted December 7, 2020 Share Posted December 7, 2020 Hello everyone, I have the problem that I cannot request a certificate. I had a Test Unraid system running for quite a while, there I could request the certificate and everything worked. Now I have built my Unraid System and it does not work anymore. The address xxx.unraid.net also points to the old address of the Test System. How can I have the xxx.unraid.net point to my new ip? Thanks for the help Marzel Quote Link to comment
ljm42 Posted December 7, 2020 Share Posted December 7, 2020 Hmm... it isn't exactly clear what state the system is in now. It may just be that you need to setup SSL on the new system. Go to Settings -> Management Access. If you have an Update DNS button, press that. It may take a few minutes for the DNS change to propagate. If you have a Provision or Renew button, press that. If you get a DNS rebinding error, wait a few minutes and try again. If none of this helps, please post a screenshot of the Management Access page along with your diagnostics (from Tools -> Diagnostics) Quote Link to comment
Marzel Posted December 7, 2020 Author Share Posted December 7, 2020 (edited) As you can see from my screenshots, Update DNS is grayed out and by clicking the Provision Button i get the error from the second screenshot. Diagnostics is attached. Can it be related to the USB stick? It is the same USB Stick as i used for the Test System, but cleared it and recreated it before using in the new System. Thank you for your Help Marzel jarvis-diagnostics-20201207-2149.zip Edited December 8, 2020 by Marzel Quote Link to comment
ljm42 Posted December 8, 2020 Share Posted December 8, 2020 Is that 20.2.x.x IP address directly on the Internet? You should not do that, Unraid is not hardened to be placed directly on the Internet. Unraid should be behind a firewall with specific ports opened as needed. Quote Link to comment
Marzel Posted December 8, 2020 Author Share Posted December 8, 2020 No it's in my local network behind my router. Quote Link to comment
ljm42 Posted December 8, 2020 Share Posted December 8, 2020 OK that's good. So your trial had a 192.168.x.x IP address, is this now on a different network? Is there any DNS caching that you know of on your network? Is the 20.2.x.x IP address that you blanked out on the screenshot the correct IP of the server? Please PM me the xxxxxx.unraid.net address that you blanked out of the screenshot, I want to see if it resolves correctly for me Quote Link to comment
Marzel Posted December 8, 2020 Author Share Posted December 8, 2020 192.168.x.x is now gone. I changed from 192.168.x.x to 20.2.x.x. and this is also the only rang i have in my network. The only DNS in my network is my Fritz!Box 6591. Yes the blanked ip is correct and i can access my unraid with it. PM with the xxxxxx.unraid.net is out. Quote Link to comment
ljm42 Posted December 8, 2020 Share Posted December 8, 2020 OK your hash.unraid.net url still resolves to the original IP for me as well. It is possible that the solution only works with non-routable IPs, I'll see what I can find out. Along those lines... unless you actually own that 20.2.x.x IP range, I highly recommend you use one of the non-routable networks specified here: https://en.wikipedia.org/wiki/Private_network If you don't own 20.2.x.x, then somebody else does and it will cause networking issues down the road if you use it. Your original 192.168.x.x address is an example of a valid IP range for internal networks. Since you mentioned a Fritz Box, take a look at this for disabling rebinding protection: https://en.avm.de/service/fritzbox/fritzbox-7590/knowledge-base/publication/show/3565_FRITZ-Box-reports-Your-FRITZ-Box-s-DNS-rebind-protection-rejected-your-query-for-reasons-of-security/ This isn't exactly the problem you are up against at the moment, but it may come up Quote Link to comment
JonathanM Posted December 8, 2020 Share Posted December 8, 2020 51 minutes ago, ljm42 said: It is possible that the solution only works with non-routable IPs, I'll see what I can find out. That sounds reasonable to me, I can't think of a good reason to use a routable IP inside a private network unless you own the IP range, in which case you probably have your own DNS scheme in place and don't need to use Unraid's .net service. Quote Link to comment
Marzel Posted December 8, 2020 Author Share Posted December 8, 2020 i changed my ip range now to 10.2.x.x so that it should not be a problem any more. After that i tried the Provision again but same error. i also checked the avm link you sent and added the unraid.net and the complete hash.unraid.net to the "Host name exceptions:", then reboot the Fritz Box and again tried the Provision but no change, same error Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.