Hello there,
My ISP is blocking port 80.
Considering -preferred-challenges tls-sni is now disabled, I will not be able to authenticate with LE and subsequently easily renew unless port 80 is available?
Thanks,
Hi @Mukrosz,
Please see
for more information about your options. There are two other methods available in addition to HTTP-01. However, you won’t be able to use certbot --nginx or certbot --apache unless port 80 is available.
Thank you,
So basically my only option is DNS-01 challenge. Port 443 route is no longer available.
If you’re using Certbot, that’s right. If you want to consider using a different Let’s Encrypt client, lego and acme.sh (at least) have some level of support for TLS-ALPN-01 validation, which can still work over port 443. Certbot may support this method in the future, but implementing it isn’t currently scheduled.
1 Like
Understood.
I’ll check the aforementioned projects. it will be difficult because of the very many years of certbot sentimental attachment 
Many thanks for your help!
Or: switch to another ISP.
For the most part, all ISPs do that for consumer level, at least where I live.
I’d need to upgrade to a business package and pay a lot more to have port 80 available to me.
Money grab, all it is.
Thanks again @schoen.
I got it to work with acme.sh using port 443
2 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.