Certificate port 8000


#1

Hi everyone,

I try to make a ssl encryption on the glpi webpage for my company.
Actually, This website is on a other virtual-machine.

The website is accessible on port 8000 (port 80 is used for something else, I don’t know what, I’m new on the company and I don’t have all the information)

I’ve know than certbot can’t processed my request because the certification can not be obtain on a other port than port 80.
But Have I a other way to obtain a certificate ?

I was thinking about switch the glpi on the virtualMachine with all other website of the domain and certified all with a wildcard. Or use a reverse-proxy ?

But if you have other method and/or alternative I’m in.

My web server is:

Apache2

The operating system my web server runs on is:

Debian 8

Domain name: proactiveit.be – More accurately I just want the website help.proactiveit.be


#2

There are several ways, depending on what you are able to do. if you control the DNS zone for this domain, you can use the DNS challenge type. This is best if you have some form of programmatic access to create TXT records. If not, it could be a pain for renewal. The reverse proxy is also a common option, if you’re able to set that up on whatever services is listening on port 80. Using SNI to proxy requests for your domain (or just a specific vhost for the .well-known/acme-challenge directory if it’s the same domain as the port 80 service) to port 8000 is a good option.


#3

Thank you for your answer Jared.m.

Sorry for the delay. I discuss with my boss and the others It worker of the company, but I haven’t received any new for the moment…

So I don’t know if we control the DNS zone (but logically we have to) or what’s sort of service is listening on the port 80 :frowning:

I’m waiting any news and i will come to you when I have something else to say.


#4

Hi @jode27195

https://www.proactiveit.be/ has already a Letsencrypt-certificate, valid from 2018-06-21.

Port 80 redirects to https. help.proactive.be has actual no dns-entry.

But if you set the external dns-entry of help.proactive.be to www.proactive.be, you should be able to create a certificate.


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.