I own 1 public IP with a NAT configuration, a domain with 3 subdomains and I would like to run 3 servers behind this IP and use certs.
Server 1 - HTTP port: 10080 - HTTPS port: 10443 - serv1.domain.com
Server 2 - HTTP port: 10081 - HTTPS port: 10444 - serv2.domain.com
Server 3 - HTTP port: 10082 - HTTPS port: 10445 - serv3.domain.com
Is it possible to generate a cert on each server, even if port 80 or 443 is not available?
Or perhaps I can run a 4th server on 80/443 to generate certs, then transfer each cert to each server?
Thank you!
No, that's not possible.
HTTP validation -> port 80 is required.
And what about the DNS-01 challenge? Does it also use port 80 or 443? Or does it not care how the ports are used?
It sounds possible if you use port 10080 and redirect to port 80, and the same with 10443 to port 443, in your router.
Space Invader One on YouTube has an example of almost what you're trying to do.
Thank you but he uses a reverse proxy, and I would like to connect directly to my servers.
Is it possible to generate a certificate on server A, then copy the files needed (fullchain.pem, privkey.pem, chain.pem, other?) to server B? And if yes, is it necessary to install certbot on server B?