Point out that port 80 and 443 is used for http and tls-sni challenges

src/site/markdown/challenge/http-01.md

@@ -21,6 +21,8 @@ http://${domain}/.well-known/acme-challenge/${token}
 
 The challenge is completed when the CA was able to download that file and found `content` in it.
 
+Note that the request is sent to port 80 only. There is no way to choose a different port, for security reasons. This is a limitation of the ACME protocol, not of _acme4j_.
+
 ## Preferred Address
 
 If your domain name resolves to multiple IP adresses, you can set an explicit address that the CA server should prefer to send the request to. This address must be included in the set of your domain's IP addresses.

src/site/markdown/challenge/tls-sni-01.md

@@ -31,6 +31,8 @@ Now use `cert` and `sniKeyPair` to let your web server respond to a SNI request
 
 The challenge is completed when the CA was able to send the SNI request and get the correct certificate in return.
 
+Note that the request is sent to port 443 only. There is no way to choose a different port, for security reasons. This is a limitation of the ACME protocol, not of _acme4j_.
+
 This shell command line may be helpful to test your web server configuration:
 
 ```shell

src/site/markdown/challenge/tls-sni-02.md

@@ -33,6 +33,8 @@ Now use `cert` and `sniKeyPair` to let your web server respond to SNI requests t
 
 The challenge is completed when the CA was able to send the SNI request and get the correct certificate in return.
 
+Note that the request is sent to port 443 only. There is no way to choose a different port, for security reasons. This is a limitation of the ACME protocol, not of _acme4j_.
+
 This shell command line may be helpful to test your web server configuration:
 
 ```shell