On Sun, 7 Feb 2016 19:06:30 -0700
Corey Edwards <ten...@zmonkey.org> wrote:
> On Sat, Feb 6, 2016 at 10:59 AM, Charles Curley <
> charlescur...@charlescurley.com> wrote:
>
> > I did hit one problem. I normally run my server on a non-standard
> > port. I did not know if LE would use that port, and saw no
> > provision to specify the port.
> >
>
> There's an undocumented option to specify an alternate port
> (--tls-sni-01-port), but from what I read it's not actually supported
> by the public infrastructure. Meaning, you could do it but only if
> you were running your own LE CA (which of course would defeat the
> point). I think it's supposed to protect against rogue users running
> daemons on servers they have access to, but not control of; think
> shared hosting.
It's documented.
./letsencrypt-auto --help all
...
--tls-sni-01-port TLS_SNI_01_PORT
Port number to perform tls-sni-01 challenge. Boulder
in testing mode defaults to 5001. (default: 443)
...
But since I have no idea what a lot of this stuff means, I didn't
realize that was what I was looking for.
Anyway, thanks again.
--
The right of the people to be secure in their persons, houses, papers,
and effects, against unreasonable searches and seizures, shall not be
violated, and no Warrants shall issue, but upon probable cause,
supported by Oath or affirmation, and particularly describing the
place to be searched, and the persons or things to be seized.
-- U.S. Const. Amendment IV
Key fingerprint = CE5C 6645 A45A 64E4 94C0 809C FFF6 4C48 4ECD DFDB
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
