Cancel Certificate Request

Hi there!

I’ve been taking a look at LetsEncrypt and trying to get a better feel for how it could suit my needs.

For me, the best scenario is to request a cert with DNS verification, and then pass on the required config to client to have them configure the DNS record before proceeding to issuing a cert.

I believe this is the best method for me as it allows for an existing site to be hosted away from my control - getting all config ready for eg. a relaunch to new infrastructure.

I’ve been looking at scenarios which I may run in to and was wondering if anyone had thoughts/details around a couple of questions I can’t seem to find answers to:

  • Can you run a command which will only generate the challenge (ie. not try to also complete the generations of certificate).
  • How can I cancel an request which is still un-verified (ie. maybe a typo or client no longer wants to use specified domain).

This is not possible with certbot at present, but is possible with certain other clients such as acme.sh.

This is possible at the API level but is not well supported by CLI tools. If you integrate using a client library it may have a helper function to do this for you, or you can use one of the scripts people have written to do this.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.