Hello All, First of all, please excuse my english language level. I'm having problems trying to bind the certbot client to only 1 of the IP addresses assigned in my ISPConfig box under Debian 11. I have several IPv4 and IPv6 addresses correctly defined in /etc/network/interfaces, but everytime I run the certbot client manually, I'm seeing it always use the same IPv6 address which in fact is not the primary either. What I want is to force the certbot client to bind only to a specific IPv4 address, with no success. Here is what I've tried: # certbot renew --dry-run <-- IT USES ALWAYS THE SAME IPv6 ADDRESS WHICH IS FURTHERMORE NEITHER THE FIRST ONE DEFINED ON THE LIST. # certbot renew --dry-run --http-01-address <PUBLIC_IPv4_ADDRESS> <-- STILL USES THE SAME IPv6 THAN THE PREVIOUS CASE. # certbot renew --dry-run --http-01-address 0.0.0.0 <-- ACCORDING TO THE OFFICIAL DOCUMENTATION, THIS COMMAND WILL FORCE TO CERTBOT TO USE AN IPv4 ADDRESS ONLY, BUT IT CONTINUES TO BIND TO THE SAME IPv6 ADDRESS THAN THE FIRST 2 CASES. # certbot renew --dry-run --http-01-address <PRIVATE_IPv4_ADDRESS_(SERVER_IS_NATTED)> --preferred-challenges http-01 <-- SAME RESULT: IT ALWAYS USE THE SAME IPv6 ADDRESS THAN THE OTHER CASES. I've searched and found the file "/etc/cron.d/certbot" which invokes the certbot client with these parameters only, so my plan is to add the extra parameters to fit my needs at the end of this line on that file: [...] 0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew But before that, I need to find the cause of that behaviour. And my questions are: 1. What am I doing wrong? 2. Is anything coded somewhere else by the ISPConfig Team that bypass the parameters I'm defining? Thank you very much in advance. Best, Olivier
Certbot renew is invoked by ISPConfig and not that cronjob in cron.d, The file that runs certbot renew is: /usr/local/ispconfig/server/lib/classes/cron.d/900-letsencrypt.inc.php
Hi Till, Thanks for the info. Anyway, do you know why I get such behaviour running the certbot client manually on the shell? Thanks again