Which cert do I use for 443?

If letsencrypt requires 443 for verification, which SSL certificate should I use for serving the verification content? I do not have SSL cert yet at this point.

LE uses port 80 by default first, and if there is no response on port 443 then that is OK.

If your server does respond on port 443 for your domain, then add a self signed cert for your domain name - as if it’s a different domain name it will give an error.

This command gives an error, do you have any idea why? Changing to 443:443 works.
docker run -it -p 80:80 -v "/tmp/le:/etc/letsencrypt" -ti quay.io/letsencrypt/letsencrypt:latest auth --domain [domain] --email hello@[domain] --duplicate --agree-tos