in the instructions, it says that a cronjob is placed automatically for renewing the certificate, once it is outdated.
Does renewal take place over port 443 (HTTPS) or port 80 (HTTP)?
I configured my Apache2 web server so that only traffic over port 443 is allowed. Do I have to open port 80 for renewal of the certificate?
If you've used the
http-01 challenge (probably), then yes, port 80 needs to be open.
@Osiris thanks for the quick reply, I will reconfigure my web server so that HTTP requests are automatically handed over to port 443/HTTPS.
"Handed over to" via a 301 redirect, right? (Not TCP port forwarding.)