Super User Stack Exchange
Super User Stack Exchange

Questions tagged [letsencrypt]

Let's Encrypt is a service provided by the Internet Security Research Group (ISRG), a public benefit organization. Use this tag only for questions that are specific to Let's Encrypt features.

108 questions
40
votes
4 answers

cURL on Ubuntu 14: all Let's Encrypt certificates are expired (error 60)

Today out of a sudden all HTTPS requests, that my Ubuntu 14 server sends to websites with SSL certificates issued by Let's Encrypt, started to fail. The error produced by cURL is: curl: (60) SSL certificate problem: certificate has expired When I…
Finesse
  • 1,101
  • 1
  • 8
  • 9
18
votes
1 answer

Let's encrypt + certbot: where is the private key

I've been using openssl to create key and certificate for my website. Which works fine, but leads to complaints from the browser. Now I would like to move to Let's Encrypt to get a proper certificate. The setup was very simple, I installed certbot…
lhk
  • 373
  • 2
  • 3
  • 14
15
votes
1 answer

How to add a domain to existing certificate generated by Let’s Encrypt/Certbot?

This question is a continuation of essentially the same question that was closed for being "off-topic" on Stack Overflow. The OP's question: I am just simply trying to add the domain test.example.com to the certificate that already exists for…
Mike Godin
  • 655
  • 3
  • 8
  • 16
11
votes
1 answer

How to set the Owner of certificate generated by Let's Encrypt?

I've implemented Let's Encrypt on two production servers with relative ease, and both servers are providing certificates to the websites we run on those servers. What's bugging me though is when you view the certificate information, and the "Owner"…
mickburkejnr
  • 1,487
  • 5
  • 28
  • 38
8
votes
2 answers

certbot: error: unrecognized arguments: --dns-digitalocean-credentials

Trying to execute this command sudo certbot certonly --dns-digitalocean --dns-digitalocean-credentials ~/.secrets/digitalocean.ini -d "*.example.com" --preferred-challenges dns --server https://acme-v02.api.letsencrypt.org/directory i get this…
Anatolii Kovalchuk
  • 81
  • 1
  • 2
7
votes
2 answers

What is the purpose of chain.pem files?

A general question about chaim.pem files; I used a csr obtained from my host, and used the Certbot from LetsEncrypt to generate a https cert; I used the following command $ certbot certonly --manual --csr file-with-my-csr.txt The certbot produced…
joedotnot
  • 431
  • 2
  • 6
  • 17
5
votes
1 answer

How to mount Certificates from CertBot to use inside Docker Container

The official certbot ( https://certbot.eff.org ) tool to issue and renew certificates from Let's Encrypt saves the currently valid certificate to ${prefix}/archive/${domain}/certN.pem, where N is an arbitrary number. The paths that should be used to…
NoMad
  • 742
  • 2
  • 10
  • 19
5
votes
2 answers

certbot-auto ImportError: No module named _ssl

Running certbot-auto gives this output: Error: couldn't get currently installed version for ... File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 140, in…
Cam
  • 271
  • 1
  • 6
5
votes
3 answers

How to install let's Encrypt on Amazon Linux

How do I install Let's Encrypt Certificates on amazon Linux I already have a WordPress website hosted. Can anyone tell me the steps how do i start with it and what are the commands and what permission I should change and how do i edit ssl.conf and…
O-mkar
  • 163
  • 1
  • 1
  • 6
5
votes
2 answers

Managing LetsEncrypt Certificate expiration and auto-renewals

I've been experimenting with LetsEncrypt SSL certificates and managed to get certificates set up and installed on Windows for use with IIS using the ACMESharp Powershell library. The process to do this is reasonably straight forward and the cert…
Rick Strahl
  • 469
  • 1
  • 7
  • 13
4
votes
2 answers

Is it possible to have a certificate signed by 2 authorities?

To explain the situation a bit: I'm building an iOS application that uses SSL pinning. I've created a self-signed certificate authority that issues SSL certificates to my web server, and the CA's certificate is bundled with the application for…
Ell Neal
  • 141
  • 4
3
votes
2 answers

How do I renew ALL certificates with certbot?

I don't want to only renew the certificates which are going to expire soon. (Whatever soon means). I want to renew all of them to make sure they will be on the same timing in the future. I cannot find a way to do this with certbot. Any suggestions?
Corporal Touchy
  • 407
  • 1
  • 4
  • 11
3
votes
1 answer

How to delete one of the Subject Alternative Names from a Let's Encrypt certificate?

My (currently working) Let's encrypt certificate contains a bunch of Subject Alternative Names. One of these has to be deleted in order to renew the certificate because the domain is no longer available and thus cannot be verified again. I removed…
Juergen
  • 497
  • 4
  • 21
3
votes
5 answers

Thunderbird not updating certificate, keeps using old one and saying it's expired

I have an email server where I have Let's Encrypt SSL certs, expiring every 3 months, and certbot automatically renews it. If I access the server through a website in the browser, the correct and newest SSL certificate is used, but thunderbird…
simernes
  • 165
  • 2
  • 8
3
votes
2 answers

Website spits out PR_CONNECT_RESET_ERROR in firefox's incognito

So I have a site that uses letsencrypt and ssl works fine when I'm browsing my site in firefox. The moment I try browsing my site using incognito mode in firefox my browser throws this secure connection failed error and spits out…
exts
  • 153
  • 1
  • 1
  • 5
1
2 3 4 5 6 7 8