Comment 1 for bug 1743779

To support this, we would need to expose port 80 and have a mux that can respond to the http challenge that Lets Encrypt is now generating.
We would also need to expose port 80 for controller machines.
If we are going to do that, we should probably also give a redirect from http:80 to https:17070 for all other requests on port 80, which gives a nice user experience when they do have their own DNS names. Then it redirects them to the GUI on the right port.