Port 80 blocked but port 443 is not. How do I get a certificate issued?

Hello. I am trying to use Certbot on Ubuntu 16.04 LTS Server edition and nginx. I went ahead and cloned Certbot from GitHub. However when I tried issuing a certificates I found out that my isp blocks port 80. I found a couple of similar threads and people suggested using a VPN to get the certificate issued or DNS Validation. However I was hoping for something a little bit more automated rather than having to mess with my dns every 90 days. Is it possible for me to manually define a port for it to request a certificate or have use https to request the certificate? I wouldn’t mind having to do DNS validation the first time but after that first time I would want it to use the existing ssl certificate and request a new one.(I use NameCheap for my domain and DNS) If anyone has any advice or guidance on how I could get a certificate issued and the ability to automate the renewal process with port 80 blocked, I would really appreciate it!

Basically, you can’t use the HTTP challenge over port 443 without first redirecting there from port 80, no workarounds.

There are some other free automated CAs that allow you to do this, though.

You can automate renewal if you are using Namecheap DNS hosting, it might just be a bit challenging if you use Certbot (you need to provide an authentication hook script to update your domain using the Namecheap API).

Dehydrated, an alternate Let’s Encrypt client, does have a pre-made Namecheap DNS validation hook already, so you could try looking at that.

There is also this tutorial that uses Dehydrated + Lexicon to do automated renewal using DNS + Cloudflare (but you can just tell Lexicon to use Namecheap instead).

acme.sh also supports using Lexicon, which may be a bit friendlier than Dehydrated.

Hopefully you can find a solution somewhere in there :slight_smile: .

Thanks for the links. I unfortunately do not have api access to namecheap. I don’t meet their requirements for api access. :confused:

Hi,

According to namecheap’s website, you can request a api (if you don’t met the requirement) by contacting support.

Thank you

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.