I am creating a LAMP server for a personal cloud (Nextcloud). I want to download the SSL certificates, but my ISP blocks inbound HTTP on port 80 and HTTPS on port 443. My ISP does allow HTTPS over 80 and HTTP over 443 (or any other port).
I have no problem using different ports for HTTP or HTTPS (with self-signed certs), but I found out that in order to get the LE certs they have to test on your ports 80 and 443.
Is there any workaround, like using other ports or marking the connection so it does not look like HTTP/HTTPS? Can I use UDP instead of TCP? (I am not sure that it will help, though.)
Let’s Encrypt offers three validation methods. One of them requires inbound TCP port 443, while another requires inbound TCP port 80. You cannot choose another port and you cannot use UDP instead of TCP.
The third method requires the ability to create requested records in your DNS zone in order to prove that you have control over the DNS records for your domain name. Can you do that?
Thank you for your prompt answer. I tried to set up the DNS challenge using
sudo certbot certonly --manual --preferred-challenges dns
I did both validations in the TXT record and checked at https://mxtoolbox.com/ whether the records were already working before continuing.
Nonetheless I received the error
ReadTimeout: HTTPSConnectionPool(host='acme-v01.api.letsencrypt.org', port=443): Read timed out. (read timeout=45)
And the same error using the staging environment
ReadTimeout: HTTPSConnectionPool(host='acme-staging.api.letsencrypt.org', port=443): Read timed out. (read timeout=45)
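The pre-check mentioned in the post above (confirming that both TXT values are published before continuing the manual DNS challenge), as an added example that is not part of the original thread. It assumes both values live under one record name; the name `_acme-challenge.example.com`, the TXT values and the sample `dig` output are constructed placeholders.

```shell
#!/bin/sh
# Added example: confirm every TXT value certbot asked for is published before
# pressing Enter in --manual mode. Input is the output of, for instance:
#   dig +short TXT _acme-challenge.example.com     (constructed name)

# normalize_txt: strip dig's quoting from each record on stdin. A long TXT
# record is printed as several quoted chunks ("abc" "def"); resolvers join
# them, so the chunk separators are removed as well.
normalize_txt() {
    sed -e 's/" "//g' -e 's/^"//' -e 's/"$//'
}

# missing_txt: $1 = dig output, remaining args = expected TXT values.
# Prints each expected value that is not published; returns 1 if any is missing.
missing_txt() {
    published=$(printf '%s\n' "$1" | normalize_txt)
    shift
    rc=0
    for want in "$@"; do
        # -F fixed string, -x whole line; "--" because base64url values
        # may begin with "-" and would otherwise be parsed as options.
        if ! printf '%s\n' "$published" | grep -Fqx -- "$want"; then
            printf '%s\n' "$want"
            rc=1
        fi
    done
    return $rc
}

# Constructed values standing in for the two strings certbot displays.
WANT_1='-CONSTRUCTED_value_one_0000000000000000000A'
WANT_2='CONSTRUCTED_value_two_00000000000000000000B'

# Constructed dig output: both records present under the same name.
DIG_BOTH="\"$WANT_2\"
\"$WANT_1\""

# Constructed dig output: the second value replaced the first instead of
# being added as an additional TXT record.
DIG_ONE="\"$WANT_2\""

missing_txt "$DIG_BOTH" "$WANT_1" "$WANT_2" && echo "both values published"
missing_txt "$DIG_ONE" "$WANT_1" "$WANT_2" >/dev/null || echo "not ready: a value is missing"
```
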