HCL Domino Ideas Portal
Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.
For more information and upcoming events around #dominoforever, please visit our Destination Domino Page
With the information provided by Daniel, it seems that this would solve the problem. I'm going to place this idea in "No Plans to Implement". But if you still think it's needed, then please continue to vote for it.
It's really Domino HTTP which currently needs to respond to the ACME HTTPS-01 challenges.
You can redirect port 80 to port 443 on this server or any other Domino server. Any Domino server in the same Domain can respond to the challenge.
I understand that this a small environment and there is no other server. Plus you only want Nomad web to be exposed?
We have no seen this use case before. But this sounds like an approach that could be implemented if the Nomad server would listen to port 80 and reply to the challenge, which is stored in certstore.nsf where Nomad today already reads the TLS credentials document.
I don't know how big the bussines case is. But technically it would be possible that Nomad web could respond to the challenge.
But if you need solution today, you could open port 80 only for ACME requests on the Domino side today.
Daniel Nashed