Coming from letsencrypt.sh and going to certbot


#1

Hi friends,
On a fresh Debian jessie VPS (Apache/Postfix-Dovecot) I’ve previous installed (by apt-get) letsencrypt.sh and obtained for a single domain its certificates, by “–apache” plugin.

Now I want to go to Certbot (by apt-get);
What I should do for make correctly this switch, considering that now I would use Certbot without “–apache” plugin and instead with “certonly” plugin?

  1. Should remove manually the previous certificates and obtain the new ones by certbot?
  2. Should delete/change the previous configuration file created by “–apache” plugin? And if so, about what files should I make changes?

Many thanks!


#2

I’d simply install certbot, then (ideally when it’s time for renewal - i.e. 30 days before the current cert expires) run certbot to create new certificates.

Since you are running in certonly mode, simply edit your apache / postfic/dovecot configs to point to the new certs in /etc/letsencrypt/yourdomain.com/live/

once tested - you can remove the old letsencrypt.sh


#3

I assume you mean letsencrypt, not letsencrypt.sh. Letsencrypt.sh (since renamed to “dehydrated”, IIRC) does not have, and has never had, an --apache plugin.


#4

Hi @serverco, here my dpkg output:

dpkg -l |grep lets
rc  letsencrypt.sh                 0.2.0-4~bpo8+1            all          ACME client implemented in Bash
rc  letsencrypt.sh-apache2         0.2.0-4~bpo8+1            all          letsencrypt.sh challenge response support for Apache2

#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.