Cli.ini and key-path or csr parameter


Hi there,

I’m relatively new to Let’s encrypt but I could’t find an answer in the user guide ( nor here via the search.

My question is: Is it possible to include cli paraneter such as --csr, --key-path, --cert-path and/or --fullchain-path in the cli.ini config file?

Because this would make my live a little bit easier and would improve the cli parameters I have to maintain.

In my scenario I only have one domain per server to maintain. So a single config file (cli.ini) would be nice to initially request and later renew the certificate I receive from LE.

Best regards


Hi René, I’m not sure what you’re asking. Do you mean you’d like to specify the location the cert and chain are saved to? I don’t think that exists at the moment, at least not with the official client. However, there are other clients that allow you do do that (NeilPang’s client, for example).

Once created, you don’t have to specify anything again in order to renew. Since version 0.4, the client saves all the parameters used to create the certificate and uses them again when renewing. You simply use the option “renew” and the client does the rest:
letsencrypt renew

If you have more than a month before expiry, the client will do nothing. However once you’re in your last 30 days, the client will renew the certificates. If you use the option --renew-by-default the client will renew even if there’s more than 30 days before expiry.

I hope this helps!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.