4

I've found many similar questions, people asking about how-to setup SSL on different ports (other than 80/443), i.e. 1234 port. However, all answers were like use redirection or proxying requests or dns-validation (instead of http) or use alternative approaches. However, nowhere you can find even a single answer in StackExchange manner, I mean step-by-step for newbie, how to do that.

However, note, redirection is not solution, because on 80/443 a person might have a regular website, but on 1234 port a completely different app. So, just "redirection" from 1234 to 80 will mess-up sites, right?

T.Todua
  • 222

2 Answers2

5

It's perfectly fine to have Nginx on port 80 merely for HTTP-01 challenge and then use the certificates created using it on another web applications or even another server software altogether. It doesn't need to perform any reverse proxying in order to serve the http://example.com/.well-known/acme-challenge/, e.g.

server {
   listen 80;
   server_name example.com;

location /.well-known/acme-challenge/ {
       alias /var/www/letsencrypt/.well-known/acme-challenge/;
   }
   location / {
       return 404;
   }
}

Furthermore, you don't necessarily need a web server listening on port 80 at all, as Certbot can use its own built-in web server for handling the challenges:

sudo certbot certonly --standalone --preferred-challenges http -d example.com
Esa Jokinen
  • 52,963
  • 3
  • 95
  • 151
0

To extend @Esa's nice answer, here is what exact steps I did for Apache:

  1. Generate the certificate as @Esa said.
  2. Go to /etc/apache2/ports.conf and change 80 or 443 to whatever port you want
  3. Also in /sites-available/example.com change the VirtualHost to desired port. Ensure, there are the commands for SSL file paths (resulted from the certbot installation)
  4. systemctl restart apache2

p.s. People who needs for WordPress, ensure that redirection doesn't redirect to old port. Before changing that in WP Dashboard>Settings, you can set this in `wp-config':

define('WP_SITEURL','https://example.com:1234/');
define('WP_HOME','https://example.com:1234/');
T.Todua
  • 222