Background: I'm following this guide "How to use Let's Encrypt with an SSH Bastion"
working on Teleport Trusted Clusters
Teleport leaf clusters are in remote stores geographically.
Teleport root cluster is in Amazon AWS cloud.
Goal is to auto-renew Teleport Certificate.
Question, In those remote store environment(Teleport leaf cluster) where I can not control the network, say no management access to gateway firewall of the store.
Can I use certbot to launch a web server listening on port 80 to respond to a ACME challenge?