NetTalk Central

NetTalk Web Server => Web Server - Ask For Help => Topic started by: CaseyR on July 18, 2019, 12:32:22 PM

Title: Let's Encrypt - Renewal - port 80
Post by: CaseyR on July 18, 2019, 12:32:22 PM

Hi, Bruce

You have covered Let's Encrypt often, but I can't find the answer to this question here, in the show notes, or the docs.  My apologies if I have just missed it.

Does the insecure port have to be set to 80 for a Let's Encrypt certificate to be renewed?  If so, how do you leave it open for Let's Encrypt but closed to other traffic?

Thanks.

Title: Re: Let's Encrypt - Renewal - port 80
Post by: Jane on July 18, 2019, 06:42:19 PM

Casey,

According to the docs, it needs to be port 80:
https://www.capesoft.com/docs/NetTalk11/NetTalkWebSecure.htm#RuntimeSettings

As for closing insecure access to other traffic... take a look at (roughly) lines 86 through 114 of netweb.clw.  He's making an exception for LetsEncrypt and redirecting everything else.  Magic!

Jane

Title: Re: Let's Encrypt - Renewal - port 80
Post by: Bruce on July 18, 2019, 07:43:40 PM

As Jane says, it does what you want already (by magic <g>)

cheers
Bruce

Title: Re: Let's Encrypt - Renewal - port 80
Post by: CaseyR on July 19, 2019, 10:57:57 AM

Thanks, Jane/Bruce

I would likely have had more success finding the information if
I had used LetsEncrypt as the search term instead of Let's Encrypt.

Good to know about about the redirect for non LetsEncrypt traffic

Thanks again.