Hi,
I want to generate certificates manually for a third party server. On that server I want to use a custom port for the verification. So I use the following command:
letsencrypt certonly --manual --http-01-port 6666 -d domain.tld,sub1.domain.tld,sub2.domain.tld
I’m also using the python command provided:
# run only once per server:
$(command -v python2 || command -v python2.7 || command -v python2.6) -c \
"import BaseHTTPServer, SimpleHTTPServer; \
s = BaseHTTPServer.HTTPServer(('', 6666), SimpleHTTPServer.SimpleHTTPRequestHandler); \
s.serve_forever()"
(The server is effectively run to listen to port 6666)
I then create the requested files in the right locations (/tmp/letsencrypt/.well-known/acme-challenge) for each domain.
For each of them I get the following warning:
2015-12-07 15:37:40,921:WARNING:acme.challenges:Using non-standard port for http-01 verification: 6666
Then the verification step fails:
Failed authorization procedure. sub1.domain.tld (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://sub1.domain.tld/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx [11.22.33.44]: 404
Of course it fails, because the request is made on port 80 instead of 6666 as I expected. Besides, I checked with a browser, and the file is correctly served on port 6666.
Here's my question: Am I doing something wrong? Is that a bug? Or am I misunderstanding the use of the --http-01-port option?
Thanks.
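
An added example, not part of the original post: a preflight check that fetches the challenge file the way the failing URL in the error message does (no port in the URL, so port 80 by default) and reports whether the expected content comes back. The function names, the token and the file content are hypothetical, and the self-test runs against a throwaway localhost server with constructed data.

```python
import functools, http.server, os, tempfile, threading
import urllib.error, urllib.request

CHALLENGE_DIR = "/.well-known/acme-challenge/"
# Ignore proxy environment variables so the check hits the host directly.
_opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))

def preflight(host, token, expected, port=80, timeout=5):
    """Fetch the challenge URL and classify the result.
    port=80 mirrors the port-less URL in the failure message above."""
    netloc = host if port == 80 else "%s:%d" % (host, port)
    url = "http://%s%s%s" % (netloc, CHALLENGE_DIR, token)
    try:
        with _opener.open(url, timeout=timeout) as resp:
            body = resp.read().decode("utf-8", "replace").strip()
    except urllib.error.HTTPError as err:
        return "http-%d" % err.code      # e.g. the 404 shown in the post
    except (urllib.error.URLError, OSError):
        return "unreachable"             # nothing listening, or filtered
    return "ok" if body == expected else "mismatch"

def demo():
    """Self-test against a local server; all values here are constructed."""
    root = tempfile.mkdtemp()
    chall = os.path.join(root, ".well-known", "acme-challenge")
    os.makedirs(chall)
    token, content = "constructed-token", "constructed-token.constructed-thumbprint"
    with open(os.path.join(chall, token), "w") as fh:
        fh.write(content)
    handler = functools.partial(
        http.server.SimpleHTTPRequestHandler, directory=root)
    srv = http.server.HTTPServer(("127.0.0.1", 0), handler)  # ephemeral port
    port = srv.server_address[1]
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    try:
        results = {
            "served": preflight("127.0.0.1", token, content, port),
            "missing": preflight("127.0.0.1", "no-such-token", content, port),
            "wrong_body": preflight("127.0.0.1", token, "something-else", port),
        }
    finally:
        srv.shutdown()
        srv.server_close()
    # Same request once the listener is gone: the check must not hang or raise.
    results["closed_port"] = preflight("127.0.0.1", token, content, port)
    return results

if __name__ == "__main__":
    print(demo())
```

Running `preflight("sub1.domain.tld", token, content)` with the default port and again with `port=6666` shows which of the two ports actually returns the challenge file.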