LetsEncrypt without port 80

I have the NextCloudPi up and running but am hitting a wall trying to get LetsEncrypt working. My ISP blocks port 80, hence the app in the Nextcloud Panel app will not succeed. Through doing a little searching I came across this post:

Got through steps 1-4, so I have the certificates in the drive. But step 5 is not for this type of installation.
How do I get the NCP to use these certificates?

The general advice is to point the webserver to the certs.

The specifics depend on which web server is in use (nginx, apache, etc.).

Which domain registrar are you using?

That will be a bit tricky.

The easy part: You’ll look into ~/.acme.sh/<your-domain>/ add look at the <your-domain.conf> file. And you probably find something like the following:

Le_RealCertPath=''
Le_RealCACertPath=''
Le_RealKeyPath='<some-path>/<your-domain>.key'
Le_ReloadCmd='systemctl reload apache2'
Le_RealFullChainPath='<some-path>/<your-domain>.fullchain.cer'

You have to change the Le_Real<***>Path entries to point to your “nextcloudpi letsencrypt” certs. Probably inside /etc/letsencrypt/live or similar.

And you have to change the “Le_ReloadCmd” to make the nextcloudpi web server to reload it’s config.

Now the problem: You have to permanently disable the builtin certbot in nextcloudpi. (I don’t know nextcloudpi very well.) Probably it’s enough to edit this crontab entry.

Alternative: as you can see in the nextcloud/vm scripts certbot is also able to use the dns challange.

so you may change the nextcloudpi letsencrypt script to use the dns challange as well.

probably it’s only this line:

check the certbot documentain for more details.

I am using a free one from duckdns.org. NextcloudPi uses Apache is I am not mistaken.

Wow! That’s above what I was planning on doing!

@nanu.nanu maybe instead of using acme.sh you may have a look at

and see if you can integrate this into your nextcloudpi.

Thank you!

you have some news? were you able to configure it?