Difference between revisions of "Let's Encrypt"
Jump to navigation
Jump to search
(cert lookup) |
|||
| Line 16: | Line 16: | ||
I'm guessing that LE adds a new fileset to <code>archive/{{arg|domain folder}}/</code> for each renewal, and updates the links in <code>live/{{arg|domain name}}</code>. | I'm guessing that LE adds a new fileset to <code>archive/{{arg|domain folder}}/</code> for each renewal, and updates the links in <code>live/{{arg|domain name}}</code>. | ||
| + | ==Errors== | ||
| + | * <code>Error requesting challenges: Error creating new authz :: Validations for new domains are disabled in the V1 API</code> | ||
| + | ** This is because of the [https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430 End of Life Plan for ACMEv1] | ||
| + | ** If you've been using Let's Encrypt via [[VirtualMin]], you may have to actually install CertBot (apparently VirtualMin has its own method of handling renewals but will use CertBot if it is installed) - instructions [https://www.virtualmin.com/node/67390 here], but basically: | ||
| + | *** <code>apt install socat certbot</code> | ||
| + | *** <code>certbot register</code> | ||
==Links== | ==Links== | ||
* [https://crt.sh/?q=htyp.org certificate lookup]: replace <code>htyp.org</code> with any domain. Use %domain for wildcard matches. | * [https://crt.sh/?q=htyp.org certificate lookup]: replace <code>htyp.org</code> with any domain. Use %domain for wildcard matches. | ||
Revision as of 23:50, 1 August 2020
|
This page is a seed article. You can help HTYP water it: make a request to expand a given page and/or donate to help give us more writing-hours!
|
Related
Notes
Files
/etc/letsencrypt/- +
archive/- contains one folder per domain- +
<domain folder>/-- folder names are arbitrary, specified inrenewal/files
- +
- +
live/- +
<domain name>- contains links to the current files
- +
- +
renewal/- contains configurations to load (equivalent tosites-enabled/in Apache/Nginx)
- +
I'm guessing that LE adds a new fileset to archive/<domain folder>/ for each renewal, and updates the links in live/<domain name>.
Errors
Error requesting challenges: Error creating new authz :: Validations for new domains are disabled in the V1 API- This is because of the End of Life Plan for ACMEv1
- If you've been using Let's Encrypt via VirtualMin, you may have to actually install CertBot (apparently VirtualMin has its own method of handling renewals but will use CertBot if it is installed) - instructions here, but basically:
apt install socat certbotcertbot register
Links
- certificate lookup: replace
htyp.orgwith any domain. Use %domain for wildcard matches.