My ISP has started to block port 80

Hello,

I have had a Let's Encrypt certificate on my Synology NAS for a few years now. Yesterday the certificate was due to renew but this did not happen. My ISP have started to block port 80

They say I should use port 88 instead.

Can I still get this to work on my Synology NAS?

You could try using the DNS Challenge instead of HTTP Challenge. See docs for your ACME client.

If you want more advice than that please complete the form questions you were shown

===========================

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

5 Likes

Here is the list of Challenge Types supported by Let's Encrypt.
And Best Practice - Keep Port 80 Open; I am guessing that your ISP does not want to support home base web sites. Maybe it is time to change ISPs or go Cloud based.

2 Likes

Reply with that you'll take your money elsewhere.

3 Likes

Clarifying:

You can not use port 88 to obtain the certificate. Your best option to obtain the certificate is to use the DNS-01 challenge. There is a TLS-ALPN-01 challenge which runs on port 443, but most ISPs that block port 80 will also block that port.

Your ISP likely meant that you can use port 88 to serve files from the NAS.

5 Likes

Thank you all.

I went on buying a SSL certificate instead. My knowledge of these things are so limited that I don't even know where to start installing Let's Encrypt on my NAS without the port 80 solution. There are just too much I know too little about.

Maybe I'll get back to this topic at a later time.

Thank you again!

2 Likes

If you would have filled out the questionnaire as provided by @MikeMcQ (and which should have been shown to you when you opened this thread in the #help section), we might have provided you with an easy to use solution using DNS. Or not. We'll never know now unfortunately.

4 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.