At the end of October last year I obtained SSL certificates for two of my sites fractal-timewave.com and hermetic-systems.com I got the SSL certificates using CertSage with the help of The Griffin (of Griffin Software). The PHP file I uploaded was certsagenc.php which is certsage.php with four in-code permissions modified by The Griffin. I sent the files generated by CertSage (certificate.key, certificate.crt and others) to my ISP, which installed them. All working OK and the SSL is OK.
But now I need to renew the certificates, which expire in a week, and I have forgotten how to do it. I'm using Windows 7 and FileZilla for FTP. I've uploaded certsagenc.php to my fractal-timewave.com server (Apache OS) and I created a folder on that server at one level above the root folder (which hold my public files). I gave this folder permissions drwxrwxrwx (more than needed but not less).
I called up CertSage, clicked on 'Production", specified my email address and two domain names (fractal-timewave.com and another) for which I need certificates. After clicking on 'Proceed' CertSage then replied with: Trouble...authorization failed
Would The Griffin kindly advise what I should be doing that I'm not doing.
Sorry I hadn't replied to your email yet. Have been very busy over the holiday.
The problem you are facing is due to trying to combine the two domain names into one certificate. Since CertSage creates the ACME challenge files for the HTTP-01 challenge in ./.well-known/acme-challenge/, only domain names sharing the same webroot directory where the running copy of CertSage is located can be combined into one certificate. Thus, fractal-timewave.com and www.fractal-timewave.com should be on one certificate while hermetic-systems.com and www.hermetic-systems.com should be on another certificate. This is consistent with what you did before per the certificate histories of both domain names:
The current version of CertSage no longer uses the code.txt file and has corrected permissions, so you should be able to directly benefit from its streamlining and improved stability.
The following table shows the lines to modify in the current version should you wish to customize file and directory names, locations, and permissions.
Entity
Line Number
CertSage directory name and location
018
CertSage directory permissions
285
account.key file name
266
account-staging.key file name
273
account.key and account-staging.key file location
377
account.key and account-staging.key file permissions
379
certificate.crt file name and location
636
certificate.crt file permissions
638
certificate.key file name and location
640
certificate.key file permissions
642
responses.txt file name and location
647 and 686
responses.txt file permissions
649 and 688
You only need to provide the certificate.crt and certificate.key files to your hosting provider. The account.key and account-staging.key files are for your eyes only. The responses.txt file is purely for troubleshooting purposes and contains nothing sensitive should you ever wish to post it here or email it.
Silly me! I did not think to do each domain separately. Just now I tried CertSage (earlier version) again and it worked fine -- it put the four output files in the CertSage folder one level above the www folder (as seen on my server using FileZilla). Many thanks!
I'll now try the new version of CertSage with the modifications you stated. Then will give the required files to my ISP.