Daniel Welch 4cda6df98b lets_encrypt.markdown -- automated renewal w/o port forwarding 80 (#2954)
Before finding this guide, I ran into the Port 80 problem described in this page (likely blocked by ISP) and [posted about it in the LetsEncrypt forums](https://community.letsencrypt.org/t/help-with-standalone-certbot-failed-to-bind-to-80-using-ipv4/37701/8). While this excellent guide helped me circumvent that immediate issue, a certbot engineer suggested an alternate method for automated cert renewal that did not require manually changing port mapping every time a cert needed to be renewed.

In short, he suggested using a TLS challenge rather than HTTP, so that the Let's Encrypt CA would bind port 443 externally, and specify certbot to bind to port 8123 internally for certificate renewal. He also added that pre- and post-hooks could be passed to certbot so that HA could be stopped/started and port 8123 could be freed for cert renewal. 

I have verified that this method works in a dry run on my own HA setup and modified step 8 with some suggested documentation.
2017-07-09 09:32:11 +02:00