Manually Generate Let's Encrypt Certificate and convert to .crt and .key

Post Reply
  • Author
  • Message
Offline
User avatar
Admin
Posts: 57
Joined: 31 Oct 2013, 13:36
Contact:

Manually Generate Let's Encrypt Certificate and convert to .crt and .key

Post by faridmmv » 17 Oct 2019, 12:32

Code: Select all

wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.

Then, the command to use the manual plugin will look something like this:

Code: Select all

./certbot-auto certonly --manual -d *.example.com -d example.com --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory
During certificate generation procedure you will need to add txt records to your domain. Make sure you have appropriate access.

If succeed you will see message below:
2019-10-17_11-40-14.png
2019-10-17_11-40-14.png (16.38 KiB) Viewed 207 times
2019-10-17_12-29-10.png
2019-10-17_12-29-10.png (14.09 KiB) Viewed 207 times
Then you can simply change extension of the privkey.pem to privkey.key; cert.pem to cert.crt; chain.pem to chain.crt;
What is returned by the ACME protocol is basically the fullchain.pem file. It’s the signed certificate plus one or more certificates that make up the issuing CA chain. So you then just split that out into cert.pem (the first cert in the file) and chain.pem (the rest of the file). It’s a plain text file and you should be able to see the cert delineations fairly easily.

You’re correct that privkey.pem is the private key you already used to sign the cert request.

Source:
https://community.letsencrypt.org/t/get ... tbot/56285
https://lists.centos.org/pipermail/cent ... 29876.html
https://habr.com/ru/post/413017/
https://stackoverflow.com/questions/137 ... rt-and-key
https://support.code42.com/Administrato ... a_keystore
https://stackoverflow.com/questions/503 ... om-scratch
https://community.letsencrypt.org/t/gen ... cate/78376
Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest