Port setting in cli.ini

brauliobarahona · March 4, 2021, 9:37am

Dear all,

What is the purpose of the --http-01-port flag in the cli.ini file? I am looking at this configuration (shell command to create the file ini file):

cat <<EOT | sudo tee /usr/local/etc/letsencrypt/cli.ini
authenticator = standalone
agree-tos = True
http-01-port = 8090
tls-sni-01-port = 8443
non-interactive = True
preferred-challenges = http-01
EOT

The above snippet is from the recipe of an application to setup up a load balancer and certificates.
However, I am going to setup another application and need to create standalone certificates. Why is the above using 8090 port? what is the purpose of http-01-port? Do I need to include such flag in my standalone setup where I have the standard 8080 port for http?

Another example cli.ini that I am looking at is this. Also in this question there is an example.

_az · March 4, 2021, 9:41am

In the haproxy tutorial you linked, the purpose is that haproxy listens on port 80 and proxies ACME requests to Certbot, which (thanks to the --http-01-port) runs on port 8090.

However, if you don't have any proxy or webserver, then it's not a relevant setting.

system · April 3, 2021, 9:42am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.