I renewed my certificate from a new computer, and a few things changed
- the certificate no longer includes the Key Encipherment value under the property Key usage
- the algorithm has changed from RSA to ECC
- My c# code is no longer able to read the private key from the certificate.
What did I do: After I installed certbot on my new computer I copied the contents of C:\Certbot from the old computer to the new, I wanted to keep all the settings and account data. Certbot created a new live-folder called tendfor.net-0001 instead of using the old folder tendfor.net when i ran the renew command.
How do I get certbot to generate certificates like the one my old computer produces?
My domain is:tendfor.net
I ran this command:
certbot certonly --manual --preferred-challenges dns -d *.tendfor.net,tendfor.net
It produced this output:
Saving debug log to C:\Certbot\log\letsencrypt.log
Certificate not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
What would you like to do?
1: Keep the existing certificate for now
2: Renew & replace the certificate (may be subject to CA rate limits)
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Renewing an existing certificate for *.tendfor.net and tendfor.net
Successfully received certificate.
Certificate is saved at: C:\Certbot\live\tendfor.net-0001\fullchain.pem
Key is saved at: C:\Certbot\live\tendfor.net-0001\privkey.pem
This certificate expires on 2023-07-13.
These files will be updated when the certificate renews.
- This certificate will not be renewed automatically. Autorenewal of --manual certificates requires the use of an authentication hook script (--manual-auth-hook) but one was not provided. To renew this certificate, repeat this same certbot command before the certificate's expiry date.
If you like Certbot, please consider supporting our work by:
- Donating to ISRG / Let's Encrypt: Donate - Let's Encrypt
- Donating to EFF: Support EFF's Work on Let's Encrypt | Electronic Frontier Foundation
My web server is: nginx/Self hosted .net 6 application
The operating system my web server runs on is : Windows Server 2022
My hosting provider, if applicable, is: N/A
I can login to a root shell on my machine: Yes
I'm using a control panel to manage my site: No
The version of my client is : certbot 2.5.0