• Command line arguments
• Settings.json
• Plugins
  • Source
    • IIS
    • Manual
    • CSR
  • Validation
    • HTTP validation
      • Self-hosting
      • Filesystem
      • FTP(S)
      • SFTP
      • WebDav
      • REST
    • DNS validation
      • acme-dns
      • Alibaba (Aliyun)
      • Azure (Microsoft)
      • Cloud DNS (Google)
      • Cloudflare
      • DigitalOcean
      • DNSEXIT
      • DNS Made Easy
      • Domainname.shop
      • Dreamhost
      • GoDaddy
      • Hetzner
      • InfoManiak
      • Linode (Akamai)
      • LuaDNS
      • Manual
      • NS1
      • RFC2136
      • Route53 (Amazon)
      • Script
      • Simply
      • Tencent
      • TransIP
    • TLS validation
      • Self-hosting
  • Order
    • Single
    • Host
    • Site
    • Domain
  • CSR
    • RSA
    • EC
  • Store
    • Azure KeyVault
    • Certificate Store
    • Central Certificate Store
    • .pem files (Apache etc.)
    • .pfx file
    • User Store
  • Installation
    • IIS bindings
    • Script

Self-hosting

This plugin launches a temporary built-in TCP listener that stores the validation details in memory. This requires exclusive access to the port, so it cannot be used while another application is handling connections.

Non-default port

Even though the ACME server will always open the validation connection on port 443, you may forward that to another port within your internal infrastructure. Using the --validationport switch you can tell the plugin to listen to a specific port.

Unattended

--validationmode tls-alpn-01 [--validation selfhosting] [--validationport 4330]