I used [https://shredzone.org/maven/acme4j/index.html] for implement LE to my spring app.
When i revoke a certificate , i cannot get an other again.
Somebody have a good practice to delete or revoke a certificate and create an other one ?
why do you revoke a certificate?
That's only required if your private key is stolen.
Letsencrypt certificates are only 90 days valid. So it's enough to wait, then the certificate is invalid.
I need to delete it in order to have an other.
I don’t want to wait until it expires
You don't need to delete a certificate.
Simply create a new, replace it. And ignore the previous certificate.
I delete my old certificates after their expiration date.
I can do it with my java client https://shredzone.org/maven/acme4j/index.html
When i want to renew , ACME can’t finalize the challenge because it already do it with the domain name.
Can you show the exact error message from the client, and logs showing what happened to get there?
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot):
I use java API https://shredzone.org/maven/acme4j/index.html to create a certificate for my domain.
This API alow me as to revoke a certificate with a specific method.
I don’t use command to generate.
Like @mnordhoff asked (thanks!) can you please share the exact error you’re getting from Let’s Encrypt when you try to order another certificate after revoking one?
Could you also share the Java code you wrote using ACME4J?
There’s no reason that revoking a certificate would affect your ability to issue more. I think you probably have a bug or a misunderstanding in your Java code but the only way we’ll be able to know for sure is if you share the error message and your code.
This is my code on github [https://github.com/yakketyyak/spring-base/blob/master/src/main/java/ci/patrickbeugre/spring/base/business/AcmeBusiness.java].
The main method is generateCert.
In fact i use Redis to store the challenge token and content and expose an API in GET.
This API allow ACME SERVER to get the token content to finalize process.
The error is on line 78.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.