How to add my self-signed cert and domain to Let's Encrypt

Hello,

I have a self-signed cert and a valid domain that I can access. This web app runs as a service on an Ubuntu server with shell access, on port 8080. I tried to follow the steps on certbot's webpage in order to make this website completely secure (validate the self-signed cert I have), but a problem happened:

I would like to fix this problem and know how I can make a valid cert based on the ones I have.

Thank You

Gaizka

1 Like

Your self-signed certificate is your self-signed certificate. You can get another one from Let's Encrypt (using the same private key, eventually, but you should have no reason to want this), but it will be another certificate.

Your validation probably fails because you cannot validate on port 8080. HTTP validation only works on port 80.

3 Likes

So I should have my web service running on port 80 to create the certificate, shouldn't I?

I find it strange not to have the possibility to configure the target port with a command...

Thank you

You have to validate on port 80.

After you validate, what port you run your service on is entirely up to you.

If your service is running on another port and your port 80 is free, you can use the standalone plugin to spawn a bespoke webserver that will do the validation and then die.

(And you can specify the port on which it listens, but the verification bots will only connect on 80.)

3 Likes
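What the standalone approach described above amounts to for http-01, as an added sketch (not certbot's code and not part of the original thread): a throwaway server answers one challenge path and is then shut down. The token and key authorization are constructed placeholders, and the loopback fetch on a free local port stands in for the CA's request arriving through port 80.

```python
import http.client
import http.server
import threading

CHALLENGE_PREFIX = "/.well-known/acme-challenge/"  # path fixed by RFC 8555
TOKEN = "constructed-token-123"                    # constructed sample value
KEY_AUTH = TOKEN + ".constructed-thumbprint"       # constructed sample value

def validation_url(domain, token):
    """URL the CA fetches: plain http with no port, so always port 80."""
    return f"http://{domain}{CHALLENGE_PREFIX}{token}"

def start_responder(token, key_auth, listen_port=0):
    """One-challenge server; listen_port is local only, the CA still dials port 80."""
    class Handler(http.server.BaseHTTPRequestHandler):
        def do_GET(self):
            if self.path != CHALLENGE_PREFIX + token:
                self.send_error(404)  # serve nothing but the challenge
                return
            body = key_auth.encode()
            self.send_response(200)
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
    server = http.server.HTTPServer(("127.0.0.1", listen_port), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

def fetch(port, path):
    """Stand-in for the validator's GET once port 80 is forwarded to `port`."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("GET", path)
    resp = conn.getresponse()
    result = (resp.status, resp.read().decode())
    conn.close()
    return result

def simulate_validation(token, key_auth):
    """Serve the challenge, fetch it as a validator would, then shut down."""
    server = start_responder(token, key_auth)
    try:
        status, body = fetch(server.server_address[1], CHALLENGE_PREFIX + token)
        return status == 200 and body == key_auth
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    print(validation_url("example.com", TOKEN), simulate_validation(TOKEN, KEY_AUTH))
```

The service on port 8080 is never involved: only the challenge path has to be reachable on port 80 while validation runs.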

The use of these selected ports is mandated by the CA/Browser Forum Baseline Requirements. Only a few ports are allowed, of which Let's Encrypt offers port 80 (http-01 challenge), port 443 (tls-alpn-01 challenge) and port 53 (dns-01 challenge).

5 Likes
