Changing certificates duration

Hi, great work with both certbot and acme. It works so well that I wanted to try doing a bit more testing so I downloaded client and server and I am currently doing some modifications. I have had no problems until now when I have tried to change the duration of the certificates (to max 1 month) with no success, any idea?

The duration is determined by Let’s Encrypt and can’t be changed by the user.

@sapso, when you said that you downloaded the server, do you mean that you’re planning to issue your own certificates from your own CA (which wouldn’t be trusted by other people’s browser)? In that case, you could change the expiration time of those certificates. As @Osiris says, there is no way that you can change the expiration time of certificates that are issued by the Let’s Encrypt CA itself.

Yes, the certificates whose validity I am trying to alter are those from my own acme CA instance, sorry for my poor explanation in the previous message. So, I was expecting some kind of constant to define the duration but I have found none and now I am starting to look for it but in the certbot code.

Is the ACME CA instance Boulder? If so you would need to change the expiry values from the CA config file that you're using.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.