Auto Setup failed authorisation DVSNI challenge on custom port?

I’m trying to set up a cert for my server, which is behind a firewall. The server is already running a service on https only on a custom port (no http access) with a self-signed cert, so I wish to replace this with the Let’s Encrypt one.

Running the auto command:

```
letsencrypt-auto --apache -d
```

I get the error:

```
Failed authorization procedure. (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to host for DVSNI challenge

  • The following errors were reported by the server:

    Type: urn:acme:error:connection
    Detail: Failed to connect to host for DVSNI challenge
```

Is this failing because I can’t specify a port for acme to query? Or do I need port 80 http access from the outside?


When using the DVSNI method the server must be reachable on port 443. The Simple HTTP method can use port 80 or 443.
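
A pre-flight check for the situation in this thread, added here as an example (it is not part of the original posts or of the Let's Encrypt client): it reads the client's failure line, looks up the port that challenge needs according to the answer above, and classifies a TCP connection attempt to it. The function names and the `example.org` host are assumptions made for the example.

```python
import re
import socket

# From the answer above: DVSNI (tls-sni-01) validation connects to port 443.
REQUIRED_PORTS = {"tls-sni-01": (443,)}

# Error line quoted in the question.
SAMPLE = ("Failed authorization procedure. (tls-sni-01): "
          "urn:acme:error:connection :: The server could not connect to the "
          "client to verify the domain :: Failed to connect to host for DVSNI challenge")

FAILURE_RE = re.compile(
    r"Failed authorization procedure\. \((?P<challenge>[\w-]+)\): "
    r"(?P<error>urn:acme:error:\w+)")

def parse_failure(output):
    """Return (challenge, error) from client output, or None if absent."""
    m = FAILURE_RE.search(output)
    return (m["challenge"], m["error"]) if m else None

def probe(host, port, timeout=3.0):
    """Classify one TCP connection attempt to host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"      # host answered, nothing listening on that port
    except socket.timeout:
        return "timeout"      # typical of a firewall silently dropping packets
    except OSError:
        return "unreachable"  # DNS failure, no route, etc.

def check(output, host, probe_fn=probe):
    """Probe every port the failed challenge needs; {} if nothing to check."""
    parsed = parse_failure(output)
    if parsed is None or parsed[1] != "urn:acme:error:connection":
        return {}
    return {p: probe_fn(host, p) for p in REQUIRED_PORTS.get(parsed[0], ())}

if __name__ == "__main__":
    # example.org is a placeholder; substitute the domain being validated.
    for port, state in check(SAMPLE, "example.org").items():
        print(f"port {port}: {state}")
```

Run it from a machine outside the firewall: a probe from the server itself or from the same LAN does not pass through the firewall rule that the validation server's connection has to get past.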