Let's Encrypt
Jump to navigation
Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
This page is a seed article. You can help HTYP water it: make a request to expand a given page and/or donate to help give us more writing-hours!
|
Related
- Secure Sockets Layer
- commands:
- letsencrypt: setup utility (I think)
- certbot: manages certificates
- openssl
Notes
Files
/etc/letsencrypt/
- +
archive/
- contains one folder per domain- +
<domain folder>/
-- folder names are arbitrary, specified inrenewal/
files
- +
- +
live/
- +
<domain name>
- contains links to the current files
- +
- +
renewal/
- contains configurations to load (equivalent tosites-enabled/
in Apache/Nginx)
- +
I'm guessing that LE adds a new fileset to archive/<domain folder>/
for each renewal, and updates the links in live/<domain name>
.
Errors
Error requesting challenges: Error creating new authz :: Validations for new domains are disabled in the V1 API
- This is because of the End of Life Plan for ACMEv1
- If you've been using Let's Encrypt via VirtualMin, you may have to actually install CertBot (apparently VirtualMin has its own method of handling renewals but will use CertBot if it is installed) - instructions here, but basically:
apt install socat certbot
certbot register
Links
- certificate lookup: replace
htyp.org
with any domain. Use %domain for wildcard matches.