Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make Let's Encrypt Certbot to listen for requests from a port different than 80 #62

Open
Ivansete-status opened this issue Feb 23, 2024 · 1 comment
Open

Make Let's Encrypt Certbot to listen for requests from a port different than 80 #62

Ivansete-status opened this issue Feb 23, 2024 · 1 comment

Comments

@Ivansete-status
Copy link
Contributor

This request came from @jakubgs in a Workshop session

The idea is to avoid listening to upcoming requests from port 80:

nwaku-compose/docker-compose.yml

Line 42 in a4d77b0

- 80:80 #Let's Encrypt

In the following...

nwaku-compose/run_node.sh

Line 20 in a4d77b0

certbot certonly\

... we might need to add the following parameters, f.e.: --standalone --http-01-port 8080 (or a different port number as the user wishes.)
@jakubgs
Copy link

jakubgs commented Feb 23, 2024
edited
Loading

There's at least three major issues here:

  1. The majority of normal users will be within a LAN and behind a NAT so the port 80 will not be exposed publicly.
  2. The majority of normal users will not have a public IP, nor a DNS record to set for their non-existent public IP.
  3. Port 80 is often used by default installations of HTTP servers like Nginx so it probably will be taken.

This means that the probability of this working for a normal user that doesn't know about firewalls, NAT, DNS, and has no public IP is essentially 0%.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jakubgs @Ivansete-status