Port setting in cli.ini

brauliobarahona · March 4, 2021, 9:37am

Dear all,

What is the purpose of the --http-01-port flag in the cli.ini file? I am looking at this configuration (shell command to create the file ini file):

cat <<EOT | sudo tee /usr/local/etc/letsencrypt/cli.ini
authenticator = standalone
agree-tos = True
http-01-port = 8090
tls-sni-01-port = 8443
non-interactive = True
preferred-challenges = http-01
EOT

The above snippet is from the recipe of an application to setup up a load balancer and certificates.
However, I am going to setup another application and need to create standalone certificates. Why is the above using 8090 port? what is the purpose of http-01-port? Do I need to include such flag in my standalone setup where I have the standard 8080 port for http?

Another example cli.ini that I am looking at is this. Also in this question there is an example.

_az · March 4, 2021, 9:41am

In the haproxy tutorial you linked, the purpose is that haproxy listens on port 80 and proxies ACME requests to Certbot, which (thanks to the --http-01-port) runs on port 8090.

However, if you don't have any proxy or webserver, then it's not a relevant setting.

system · April 3, 2021, 9:42am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Is "cli.ini" still valid and in use Help	7	2539	October 18, 2022
Recommended CURRENT setup for LE behind haproxy 2.1 Help	3	639	May 29, 2020
Lestencrypt-Standalone cli.ini Help	6	6916	November 2, 2017
Use of "http-01-port" as flag (not during testing) Help	19	2845	November 9, 2019
Standalone http-01 challenge worked on port 8080 in past, but now it does not work Server	5	8008	April 10, 2017

Port setting in cli.ini

Related topics