Lets Encrypt Port 80

[Afox]

Hello,

to feel more secure I have the following question about Port 80 that has to be open for LE cert creation and renewal:
Is there a service constantly listening on that port or just at the very moment when creation or renewal takes place?

I have the same question for the PVE LE implementation but assume that both the PMG and the PVE behave the same.

Thanks for any answer.

Best regards,

Afox

 

[Stoiko Ivanov]

Is there a service constantly listening on that port or just at the very moment when creation or renewal takes place?

only when the challenge verification happens.

you can try it out - by registering an account and getting a certificate via http-01 challenge - once done - check the `ss -tlnp` output - port 80 should not be LISTENING

I hope this helps!