NetTalk Central

Author Topic: Let's Encrypt - Renewal - port 80  (Read 5339 times)

CaseyR

  • Sr. Member
  • ****
  • Posts: 448
    • View Profile
    • Email
Let's Encrypt - Renewal - port 80
« on: July 18, 2019, 12:32:22 PM »
Hi, Bruce

You have covered Let's Encrypt often, but I can't find the answer to this question here, in the show notes, or the docs.  My apologies if I have just missed it.

Does the insecure port have to be set to 80 for a Let's Encrypt certificate to be renewed?  If so, how do you leave it open for Let's Encrypt but closed to other traffic?

Thanks.

Jane

  • Sr. Member
  • ****
  • Posts: 372
  • Expert on nothing with opinions on everything.
    • View Profile
    • Email
Re: Let's Encrypt - Renewal - port 80
« Reply #1 on: July 18, 2019, 06:42:19 PM »
Casey,

According to the docs, it needs to be port 80:
https://www.capesoft.com/docs/NetTalk11/NetTalkWebSecure.htm#RuntimeSettings

As for closing insecure access to other traffic... take a look at (roughly) lines 86 through 114 of netweb.clw.  He's making an exception for LetsEncrypt and redirecting everything else.  Magic!

Jane

Bruce

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 11250
    • View Profile
Re: Let's Encrypt - Renewal - port 80
« Reply #2 on: July 18, 2019, 07:43:40 PM »
As Jane says, it does what you want already (by magic <g>)

cheers
Bruce

CaseyR

  • Sr. Member
  • ****
  • Posts: 448
    • View Profile
    • Email
Re: Let's Encrypt - Renewal - port 80
« Reply #3 on: July 19, 2019, 10:57:57 AM »
Thanks, Jane/Bruce

I would likely have had more success finding the information if
I had used LetsEncrypt as the search term instead of Let's Encrypt.

Good to know about about the redirect for non LetsEncrypt traffic

Thanks again.