Port setting in cli.ini

Dear all,

What is the purpose of the --http-01-port flag in the cli.ini file? I am looking at this configuration (shell command to create the file ini file):

cat <<EOT | sudo tee /usr/local/etc/letsencrypt/cli.ini
authenticator = standalone
agree-tos = True
http-01-port = 8090
tls-sni-01-port = 8443
non-interactive = True
preferred-challenges = http-01

The above snippet is from the recipe of an application to setup up a load balancer and certificates.
However, I am going to setup another application and need to create standalone certificates. Why is the above using 8090 port? what is the purpose of http-01-port? Do I need to include such flag in my standalone setup where I have the standard 8080 port for http?

Another example cli.ini that I am looking at is this. Also in this question there is an example.

In the haproxy tutorial you linked, the purpose is that haproxy listens on port 80 and proxies ACME requests to Certbot, which (thanks to the --http-01-port) runs on port 8090.

However, if you don't have any proxy or webserver, then it's not a relevant setting.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.