Creating Certificate with Domain Name Hosted on China


I am configuring Let’s Encrypt by using
The problem is my domain is hosting on China, so port 80 & 443 are blocked. I am considering to do validation with dns-01 manual method. This method requires creating a txt record. I am wondering if this method really works and I can generate certificate for use on other ports. Another thing, I would like to know is whether Let’s Encrypt is compatible with

My domain provider is:

My domain is: N/A

I ran this command: Complete-ACMEChallenge -IdentifierRef clevylinksnet-180226 -ChallengeType dns-01 -Handler manual

It produced this output:

My web server is (include version): Internet Information Service version 8.5

The operating system my web server runs on is (include version): Windows Server 2012 R2 Standard Edition 64bit

My hosting provider, if applicable, is: my own dedicated servers

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no


As long as you can manually create a TXT record for your domain using the DNS control panel, then yes, you can use the dns-01 challenge.

Once you have a certificate, you can use it for any service you want, on any port, provided that it comes under the permitted usages for the certificate (TLS Server Authentication, TLS Client Authentication).


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.