SSL for non-webservers

#1

Been trying to read up through posts, but I didn’t so far find a definitive answer.
Is there a way to generate and autorenew certs if port 80 and 443 is used for a non-web application?
Yes I know this isn’t by standards, but I do have an application with an API running on those ports that doesnt have a regular web service thus no webroot to put files in.

I don’t want to script a stop and start on the service either.
So is there any way to request and autorenew certificates for this service then?

-Helge

#2

If your DNS host has an API that’s supported by an ACME client, you can use DNS validation instead.

#3

Using cloudflare for DNS. Got a link handy for how to accomplish this on linux (using Debian, but any will be ok)?

-Helge

#4

My preferred client is acme.sh, which does support cloudflare. See:

#5

Thanks, easy and nice. Appriciate it :slight_smile: