Set up Let's Encrypt with my ISP in Guam with some issues, but it's now working.
Currently in Nevada and tried to do the same.
Problem is Cox blocks port 80, but does allow port 443 to connect.
Why can't Certbot do the connection/testing using port 443 if port 80 fails?
Because the challenge that uses port 443 (tls-alpn-01) is completely different compared to the challenge using port 80 (http-01). And Certbot is not equipped for the tls-alpn-01 challenge.
There are three ways one can prove control over a domain name to Let's Encrypt:
If you can't open port 80, then you'll need to use one of the other types. If you want to use TLS-ALPN-01, then you'll need something more integrated into your web server instead of using Certbot. I think the easiest may be using Caddy as your web server, but without knowing more about the web server software you're wanting to use it's hard to give a specific recommendation. The other option is DNS-01, which has the advantage of only needing your DNS server to be publicly available, but requires API access to your DNS server (or you to configure your DNS server to delegate challenges to something like acme-dns).
Date sent: Fri, 30 May 2025 16:35:28 +0000