I have a couple of IPv6 apache webservers running, where I got a let's encrypt ssl certificate via Certbot locally installed on the webservers. Now, this all works over port 80/443. Now, the question is how do I get an SSL certificate for a port other than 80/443 for IPv6 ? With IPv4 you can just use Nginx proxymanager for instance and then get a let's encrypt SSL for all your applications that run on any port. However, with IPv6 I do not seem to understand to get an SSl certificate for an application with the domain name https://[ipv6address]:8096 for instance. Hopefully, one of you guys can help me how SSL certificates work for non 80/443 ports.
Thank you for your fast reply @rg305. Now, I just don't know how to get a certificate for applications that I run in docker e.g jellyfin runs on port 8096 for instance. If I go into my jellyfin virtual machine, install certbot I do the following:
Then I get this error message: 'The server will not issue certificates for the identifier :: Error finalizing order ::'. So I figured that you cannot apply for a certificate with a port other than 80
Also, I know that my Jellyfin application is reacheable over IPv6. When I type http://[ipv6address]:8096 I got to my Jellyfin application perfectly, but insecurely without a certificate.
When I try this I only get certificates for ipv6 websites on port 80. I don't know how to get the nginx proxymanager let's encrypt IPv4 equivalent for IPv6 addresses. Because with IPv6 I don't even need a proxy, I can just call the application directly, and I can but only over an insecure connection.
The same ways you get any other LE certificate via ACME protocol:
HTTP-01 validation
HTTPS-ALPN-01 validation
DNS-01 validation
If you already have a certificate, you may be able to use that cert on your IPv6 address with any unused port.
[i.e. You may NOT need to get another cert just for this use]
thank you @rg305. I have never done this before, since I always used nginx proxymanager for IPv4. I will search on the internet on how to set something up like this.
If you already have a certificate for that specific hostname somewhere, can't you simply make some kind of volume in the Docker container where you want to use that certificate?
yess that's a good idea! however I just don't know the exactly where I should mount it to inside the docker container. I did see videos online where they do it inside an NGINX container.
I'm not proficient with Docker in any way, so I can't help you with the details. And Docker configuraton per se is probably outside of the scope of this Community.
how do you use the resulting certificate with a service on a port other than 443? (a matter of configuration for the application that provides that particular service, and in this case maybe also a container that it runs inside of)
