Sub-Domain ok but not those with other SSL port

Carambar · February 3, 2020, 12:10am

Apache 2.4 on Debian 8
certbot-auto version: 1.1.0 (webroot mode)

Hello
I use Certbot for my SSL ceryificat
i Have one domain and one sub-domain (2 certificates with webroot mode)
on the sub-domain, i also have 2 vhosts with different SSL port
sub.domain 443
sub.domain: 4431
sub.domain: 4432

All working great from months

but tonight when i make a “renew” for my domain and the sub-domain, they working great but those who use a different port no longer seem to have correct certificates (yet until now everything worked without problems, and even the sub-domain on ports 4431 and 4432)

Do you have any advice or an explanation why the sub-domain is ok, but not the ones with different ports?
thank you very much in advance

Osiris · February 3, 2020, 6:30am

Let’s Encrypt will only allow challenges to be completed over “authorised” ports. That’s a requirement from the CA/B Forum, to which all public certificate authorities have to adhere. The ports used by Let’s Encrypt are port 80 (http-01 challenge) and port 443 (tls-alpn-01 challenge). Port 53 is also allowed for the dns-01 challenge, but isn’t that relevant in this question, as the DNS servers are “off site” most of the time at the DNS provider.

Port 4431 and port 4432 have never been allowed to connect to.

However, if the sub-domain used by those different ports are identical, it doesn’t really matter: the same certificate can be used for all three virtualhosts.

Topic		Replies	Views
Sous-domaine ok mais plus ceux avec port SSL différent Aide (en français)	1	1238	February 3, 2020
Few subdomains - is port 80 required for each? Help	4	649	February 18, 2020
Create SSL for apache (WAMP) Help	14	2322	April 22, 2023
Unintended Re-directs using sub-domains Help	5	458	July 21, 2021
Create/renew certificate with port different to 443 and 310 redirect Help	3	9844	October 28, 2019

Sub-Domain ok but not those with other SSL port

Related topics