Let's Encrypt on port 21


#1

I Would like to know if I can install Let’s Encrypt getssl certificate on a ftp server where only port 21 is open? Please note that port 80 or 443 is not open on this server.

Thanks,
UR.


#2

Can you use DNS validation? It involves setting a TXT record like _acme-challenge.host.example.com".

(You’l have to set the record to a different value when renewing.)

Can you open port 80?


#3

The short answer is no, Let’s Encrypt will always issue the initial challenge request over port 80 if you’re using HTTP validation. If you can use DNS validation - there are a lot of options even if your DNS provider does not support API access - then you don’t need any ports open.