I’m trying to use the manual method for validation of a domain. I cannot run the Let’s Encrypt client on the web server. Everything goes well until the ACME server tries to do the actual validation. When the client is run in verbose mode, we can see that it first tries the challenge URL over HTTP, then it proceeds to try the challenge over HTTPS. We serve SSL on the server, but it is for a different domain (example.net). So the challenge fails with a certificate error, saying https://example.com/ has an invalid SSL cert. The issue is the ACME server should NOT try to use HTTPS for example.com (the domain we are trying to get a Let’s Encrypt cert for). Or the server should fall back to HTTP if there is an issue with HTTPS.
Is there a way to force the ACME protocol to only try the challenge URL on HTTP?
Adjusting the server to not serve HTTPS on example.com is not possible.