Trying creating SSL certificates for a another web server

Hello,
I'm just trying to learn and creating almost everything from the ground up. I'm making an https server in Java and want to get ssl working. I'm already hosting 1 website on my server with 1 ip, but I have another ip for this self-made website. I'm not sure though how to create the certificates for this ip. I'm guessing I get Problem binding to port 80: Could not bind to IPv4 or IPv6. because it's trying to bild to my running websites ip address. So my question is how to change that.

Thanks for the help in advance and let me know if I'm doing anything wrong (any helpful tip is appreciated).

My domain is:
graceteam.xyz

I ran this command:
sudo certbot certonly -d graceteam.xyz

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Nginx Web Server plugin (nginx)
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-3] then [enter] (press 'c' to cancel): 2
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for graceteam.xyz
Cleaning up challenges
Problem binding to port 80: Could not bind to IPv4 or IPv6.

My web server is (include version):

Is just a simple Java self-written HttpsServer.

The operating system my web server runs on is (include version):
Ubuntu 18.04.4 LTS

My hosting provider, if applicable, is:
contabo.com

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.9.0

1 Like

Welcome to the Let's Encrypt Community :slightly_smiling_face:

If you already have a webserver bound to port 80, you can't use standalone because it will conflict with your existing webserver. You would be best off using webroot and specifying the webroot path like so:

sudo certbot certonly --cert-name graceteam.xyz --webroot -w /complete/path/to/graceteam.xyz/webroot/folder -d "graceteam.xyz"

I'm very curious to see your self-written webserver satisfy the http-01 challenges, so please let us know how it goes. :smiley:

Ignore webroot option.
Option 2 is:

So they just need to stop the current one first.

READERS: Get involved. Be heard. Do your part with: If you read something you like, then like it :heart:

1 Like

@rg305

Don't have @alandioda2 do that. :worried: I want to see the self-written webserver succeed in acquiring a certificate. It will be beautiful. :smiley:

1 Like

Well it is supposed to be a web server.
If it fails, then option 2.

:crossed_fingers:

READERS: Get involved. Be heard. Do your part with: If you read something you like, then like it :heart:

1 Like

This is assuming that there is some path on disk from which your self-written web server will serve static files (that it's not just generating all of its responses from software logic, or from a database or something). If there is, this method should work fine!

If you want to do everything from scratch, also check that you have an HTTPS implementation available in Java that you can plug the certificate, chain, and key files into once they're created. Otherwise you'd have to write your own TLS implementation, which is also educational but which is kind of a huge undertaking in comparison to just implementing HTTP logic!

2 Likes

Thanks, everyone!
I'll try all of the options.

1 Like

This post was flagged by the community and is temporarily hidden.