Place where to create the certificate and change this folder

I use termux Version 0.118.0 on android:
Kernel build information: Linux localhost 3.18.91-16526088 #1 SMP PREEMPT Tue Jun 29 14:22:03 KST 2021 armv8l Android
my version nginx/1.23.3,

I download version Certbot for windows certbot-beta-installer-win_amd64,
it possible create certificate on my windows,
and then copy folder "live" to my nginx on phone?
But I see in live folder README file: "WARNING: DO NOT MOVE OR RENAME THESE FILES!"/

certbot certonly --manual -d mydomainname --email my@email
I did acme-challenge to verified my site and received the certificate files, but they are on my laptop.
thank you.

Sure, you can copy the cert to your phone, but why exactly would you want to do that?


What service are you trying to secure?


I have a domain on noip site, nginx I configured the server on port 80, I also plan to connect a reverse proxy for the express js server,
I want to see in the browser that the site starts with https, and see lock icon, maybe this will solve the future problems with cors, browser warnings, and it is considered safer.

You can't copy the live folder, but you can copy the cert files. But why are you running a web server on your phone? Or is this a "just because I can" thing? Or perhaps a "homework assignment" thing?


On this site I wanted to place my node js pet project, and test the speed on a live project.
As well as:
types of errors that may occur,
check the speed of different methods, database calls, code block execution speed, etc.
launch an online parser to collect data,
do a couple of experiments on communicating with esp8266
and much more.

Then you need nginx integration OR simply manually add the required code in nginx to use the cert.
As for:

I'm not sure how you're going to run a web service on your phone... But that might be possible.
Although, if you can run a web server on your phone, it can likely also do all the necessary to obtain its' own certificate.


I just checked and the icon appeared,
and the certificate connected,
the main problems are file paths,
you have to spend a lot of time looking for a working solution.

So if I understand you correctly, you're trying to set up nginx/NodeJS et cetera on your Android phone?


It is indeed. I'm afraid the phone will be NATted into oblivion, tho.

@misterio12 can you get to your non-encrypted service from your home internet, if your phone is on mobile network only?


Yes, you are right, nginx reverse proxy and express js.

Probably in this case I will need to create some kind of script that will update the ip address already through the phone and not the PC, in a dns service such as noip or duckdns.
I saw a setting in duckDNS for android, maybe this is the apk file or some else that will update my ip address
This needs to be checked.

If you're running all your services on that Android phone (why would you want to do that anyway?), isn't it possible to run an ACME client on that Android phone too? A low resource ACME client, such as one of the Bash based clients? Or cross-compile one of the C based clients so it'll work on Android? I have no idea if that's even possible...


I thought about something like this,
my linux is in termux app on android,
maybe possible can install something better, some Kali Linux, but these searches take a lot of time,
I read that you can somehow add libraries into the termux, and it is maybe launch a certbot, which will create it all there and update it, but it seems to me that if I start to delve into this now, it process will drag on for weeks.
So far I install the certificate and completed the challenge on the PC, and transfer files to the termux, and it works.
For now, I'll be happy with the result.

While does run on top of a linux kernel (various) and that what you are asking is technically possible, I do not believe that this community is the proper place for technical support of setup an Android as a server that uses and servers TLS Domain Validated Certificates. If you get the support you are looking for here that is great, but I suspect looking towards Android developer forums will be more helpful for you.

There are several Android Forums that maybe a better places to look on; here is just a random sample of some Android Forums. Search and look I am sure you will find more.


Certbot is a Python application and thus would probably require a lot of resources on a device like a mobile phone. It wouldn't be me first choice.


I ran Apache on a jailbroken iPhone once, several years ago. It was cool, for a few minutes. Then I realized, "what's the point?"

3 Likes will work in termux. so will certbot if you can install it. (using pip, maybe)

the issue I can think of is that without root powers (and perhaps even if you do have them) there's no way your services will be on port 80.


If the device is behind a NAT portmap device, it's possible to portmap external port 80 to internal port whateveryoulike, for IPv4 at least.


thanks for the tip, will try and pip
Why can't root?
I can get root, through the sudo command.
According to the correct one, I read earlier, there you need to create a new user, such as user@someuser, and then work through it.