Renewal acme-challenge over https

Hi,

It’s just a simple question, but I haven’t found an explicit answer for it, so I hope you can clarify it for me.

I created a cert with certbot for an Express.js web server. For this, I ran an HTTP-only server once so that certbot could find the acme-challenge file.

Now that the server is running with SSL as desired, the acme-challenge file for the renewal can be found ONLY over HTTPS (but at the same path). Will this be a problem later?

Thanks in advance and cheers, Christian

Hi @airheart

yes, this is a problem.

Because the draft requires an HTTP GET over port 80 as the first connection.

You can redirect this GET to HTTPS. But if you want to use http-01 validation, you must have port 80 open.


Thanks for your quick reply!

Damn … that’s what I thought.

So if I have an automatic redirect from http://…/acme-challenge/file to https://…/acme-challenge/file it should work?

What do you mean by “http-01 validation”?

Cheers, Christian


Yes, Let's Encrypt will follow redirects, even to HTTPS.

This means the normal, HTTP-based method of confirming your ownership of the domain. Let's Encrypt also supports other validation methods like a DNS-based one.


Sounds good! I will keep an eye on this and try a renewal before it might break anything.

I understand

Great. Many thanks to you.

Cheers, Christian

Yes, it's the default for Certbot 🙂
