Certbot renew authentication on port 443 instead 80

Hi,

I want to check that .well-know/ac... And certbot is always with authentication errors because it's trying to get on port 80, I wanted to do this authentication on port 443, it's possible?

The HTTP-01 challenge (which is what most people use) needs to connect to port 80 initially, though the request to it can redirect to an HTTPS service on port 443, which the validation will follow.

If you can't open port 80, then you need to use a different challenge type, either TLS-ALPN-01 (which works directly on 443, but has less support from ACME clients and web servers so can be trickier to set up), or DNS-01 (which needs a way to automate updating your DNS records, or delegating your DNS to something like acme-dns that supports such automation).

1 Like