Generate certificate 8443 instead of 443

How can I generate a certificate through 8443 instead of 443?

Thank you.

Let’s Encrypt offers three validation methods:

  • HTTP-01, which works on port 80
  • TLS-SNI-01, which works on port 443
  • DNS-01, which does not require any open ports but rather works via a special TXT record you need to create for your domain.

For the DNS-01 method, you’ll need to take a look at the alternative client list, as certbot does not support this method yet. The bash clients or lego all support DNS-01, for example.

2 Likes

Hi there,
Thanks for the recommendation. I tried it, but then I am getting a message saying that I have a certificate that is more than 30 days, so does it mean that I am not able to make use of Let’s Encrypt to generate the certificate? Even though the certificate is deemed as an invalid certificate.

It depends which client you are using. Most clients have an option to force renewal and ignore the existing cert.

I was making use of the bash client. Are they able to ignore the existing cert and issue a new one?

Yes. For example, with getssl use "-f" on the command line to force it to ignore any current cert and issue a new one.

I tried using -f but I don’t think I am issued the certificate yet. I am not sure what changes I have to make with the cfg file, as instructed here:
Then edit ~/.getssl/yourdomain.com/getssl.cfg to have the values you want for this specific domain (make sure to uncomment and specify correct ACL option, since it is required).
The result that I got is getssl: ACL
Is there any other suggestion on how I can go about generating the certificate?

To tell you what to put in the configuration file, I’d need to know a little more about your setup.

I’m assuming that you are trying to use the DNS challenge (since that’s what pfg recommended in the first reply to you). Who is your DNS provider? What is your domain name? And how many / what other domains do you want on the same cert?

My domain name is retina.nie.edu.sg
There is only 1 domain I want to issue the certificate to.
I am using 8443 port.

As @pfg stated in his first answer

So you cannot use port 8443 for the validation. You can use any of the 3 methods he lists to obtain a certificate, and then use that certificate on port 8443; however, you cannot obtain the certificate via validation through that port.
