Best SSL Certificate for FTP server Web UI running on my PC

Would you please recommend the type of certificate that is best for an FTP server web UI running on my home PC and any info I need to know in order to ge one?

My domain is:
Wing FTP server web UI running on my home PC.
I ran this command:

It produced this output:

My web server is (include version):
Wing FTP server web UI
The operating system my web server runs on is (include version):
Windows 10
My hosting provider, if applicable, is:
Not applicable
I can login to a root shell on my machine (yes or no, or I don't know):
Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
not allicable
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

1 Like

Hi @Kenny1,

Let's Encrypt, whose forum you've posted on, only offers one type of certificate (free-of-charge 90-day domain-validated certificates, issued automatically through an API).

These are the known Let's Encrypt client applications that can run on Windows:

Do you happen to know if the web UI is using a particular web server, like nginx, in order to host its content?

1 Like

Thank youu for your reply Seth. I'm sorry, but I only know that it's the web ui of Wing FTP server and I want to run it on my PC with a Let's Encrypt certificate. I previously ran it on http to share files with my friends, but now they can't even log into it by http. Can you please direct me to how to generate a certificate and hopefully it will work? Thank you again.

Kenny

1 Like

I forgot to ask—do you have a domain name? (You need a domain name in order to get a certificate.)

1 Like

Yes, I do Seth. Thank you. I'm using dynu.com free dns and my web server UI will be running on vipserve.dynu,com. However, I yet have no idea where and how to generate the certificate. Would you please direct me?

Kenny

1 Like

You could try https://certifytheweb.com (the app I develop) , choose DNS validation on the Authorization tab when creating your new certificate, pick the Dynu DNS option.

On the Tasks tab add a Deploy to Generic Server deployment task (configure a path to write the files out under Task Parameters) , this will write out your certificate files in the PEM format you need. Then just configure Wing FTP to point to the correct files: Wing FTP Server Help

Subsequent automatic renewals may need the Wing FTP service to restart, if so configure a "Stop, Start, Restart a Service" deployment task as the last Task. Certificate renewal will then be automatic.

2 Likes

I was going to mention that automating the renewals could be difficult because Wing FTP is using your port 80, so you may also need to tell Certify the Web to stop Wing FTP before obtaining the certificate and then restart it after obtaining it. But that suggestion sounds great overall.

1 Like

Thank you so much. I figured out where to enter all items in the app and was able to successfully generate a renewable SSL certificate for my web server.

Now, I assume that in order for the certificate to keep renewing, the Certify SSL Manager Service must keep running?

Also, if needed, can an edit to the certificate be made and then request be clicked again?

Thank you again,

Kenny

@webprofusion:

I just tried to generate a second certificate for another Server web UI, but the program is saying,
"Error creating new order:: too many certificates (5) already issued for this exact set of domains in the last 168 hours:vipserve.dynu.com:see https://letsencrypt.org/docs/rate-limits."
The fact that it sees five is an error. I only generated one successfully. But it seems that it's counting the times the same certificate request ended in errors and a certificate was not actually generated.
Would you please tell me how to make it read the correct number of generated certificates?

No, you have in fact created five:
https://crt.sh/?q=vipserve.dynu.com

@danb35
So, every time I clicked to request a certificate and the app said "error," it must have generated a certificate anyway, even though only one appears as being generated successfully?

The app also lists a second certificate I wanted to use for a second web server on my PC, but that one displays in red and says, "Renewal Failure," which it seems I can't fix.

Bottom line is, how do I remove the certificates that should not have generated and that are listed on the page you sent?

Ken, when you click 'Request Certificate' in Certify The Web it does the following:

  • Orders a new certificate to replace your previous one
  • Attempts to run any deployment tasks you have setup

If the deployment task fails that will show as an error but if you check the log you will see where the error is. It will also show as a red error in the Tasks tab. Tasks have a :arrow_forward: button next to them so you can run them as many times as you like without affecting your certificate limit.

Since you already have a good certificate (I assume) and all you're doing is figuring out ways to deploy it to various services, all you need to do is add the deployment tasks you want and test them with the play button next to each task.

We could add a warning in the UI that requesting a new cert will count against your rate limit, but it hasn't been a big issue over the last 5 years or so.

As a follow up tip, there's no need to start a thread on github issues, certify support forum, let's encrypt (4 threads?) for this problem, I can see them all. I just didn't reply because it was Sunday (Yay, timezones).

If you do ever want to escalate a support issue for Certify to the highest priority, there is a helpdesk ticketing system paid users can get access to.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.