Cox disables port 80; certbot cannot issue letsencrypt certs because of challenge issue

[derekcentrico]

Okay, so I was stressing all day trying to figure out just what is wrong for NPM to not generate certs.

"Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet."

This wasn't really helpful until it dawned on me to see if Cox permits port 80. It does not.

Certbot, in NPM's setup, seems to only use http:// (80) to do the challenge verification. But, Cox would only permit it to occur on https:// (443).

Searching for a way around this but without success.

How can I workaround this issue so that I can setup NPM to have https:// access to my other docker containers?

[ceddy30]

Setup Cloud Flare as your DNS for your domain on your registrar.
And use Cloudflare DNS challenge.
With this you do not need to expose port 80 for LetsEncrypt cert challenges.
This does require creating a free CF account and using them as your DNS name servers on your registrar. And setting up an API user on CF that has access to your DNS zone.
When making certs the DNS challenge will use CF and your API token to make sure DNS entries exist and then generates the cert.

With this setup I only have one port open to the world for my vpn. 80 & 443 are not open on my network and I can still generate certs, renew, etc.