If you’ve also deleted the private keys: no luck. The certificates can be found in the list of all certificates issued by Let’s Encrypt, but your server can’t function without the corresponding private key.
You should have tested with the staging server by adding --test-cert to the command line options.
I already moved everything, but firefox still go to https.
Is there anyway I can revoke all the certs so when I have waited the seven days I can ask for the certs again for the subdomains I really need? I think I also made a mistake with the list of subdomains when making tests.
Hi @voylinux, if you chose “Secure” when you installed the certificate, it would have added a redirect directive to your Apache configuration which sends a redirect header at the HTTP level to tell clients that the location of the page has moved to the HTTPS version. If you remove the redirect directive from your Apache configuration file and restart Apache, people should once again be able to go to the HTTP version of the site.
The /etc/letsencrypt directory does contain cryptographic keys which are needed to prove your identity to the Let’s Encrypt CA (and to people who visit your site). Without those cryptographic keys, you can’t easily revoke a certificate because there’s no way to distinguish you from anyone else who shows up asking for a certificate to be revoked! Also, revocation does not affect the rate limits so it wouldn’t allow you to get new certificates sooner.
If you registered an e-mail address when you originally ran the client, there may be a way to do e-mail-based recovery to set up an account key. I’m not sure what the state of the implementation of that functionality is on the client or server side at the moment; I think we may not have the tools finished. But I think in your situation revocation isn’t exactly what you need because it won’t help with the rate limit, and simply removing the redirect should allow you to let people visit your site again.
Hi @shoen, unfortunately I’m in the same situation. I deleted the certs after a hack I had on my server…
When I will be able to use the service again? I mean, apparently I could create a new cert but the https is not working.
I only have the “csr” and the “renewal” folders and the “options-ssl-apache.conf” file.
Thank you @serverco. I should generate a new cert now? Or You mean that the one I generated yesterday is ok?
If helps, I noticed that only the first installation created an Apache vhost, and asked me for the kind of installation, but not for the following installation.
Is there something I should check in my apache2 / wmin installation?
Yes, that’s enough background info - great, thanks.
for adding the cert via webmin see the webmin SSL documentation You can ignore the first bit ( about generating the SSL cert) and then follow the next bit about setting up a site to use SSL.