Documentation for manual mode


#1

i understand that manual mode is not considered ready for prime time yet (https://github.com/letsencrypt/letsencrypt/issues/1087 etc.) but from the little mentions of this in past threads/issues and by looking at the source code i’m still not able to understand how to run the manual auth process. none of my attempts seem to trigger manual mode:

$ ~/.local/share/letsencrypt/bin/letsencrypt --manual -d domain.example.tld auth
Failed authorization procedure. domain.example.tld (dvsni): unauthorized :: The client lacks sufficient authorization :: Correct zName not found for TLS SNI challenge

as a beta tester i am happy to deal with keys/csrs/certs manually (in my test environment i cannot use automatic auth due to security policies) but would find it useful to at least make sure i am following the correct procedure to trigger manual auth, so that i can test this and report any issues: is the current manual procedure documented anywhere, as all the examples i could find seem to be outdated?


How to pass domain verification with a server that doesn't control the domain
#2

try
-a manual instead of --manual
as said in the issue you linked that gives you manual mode.


#3

great, thanks! i had misinterpreted that part of the issue thread as being discussion on potential syntax, not on actual working syntax. with that, it worked smoothly. i see now that this is even documented in the sphinx manual, it just didn’t show up in search when i tried earlier… :confused:
i guess it’s not mentioned more prominently because of not being considered the preferred method at this stage, but i would imagine quite a few early users would find this useful in context where configuration is managed and locked down via puppet/chef/ansible/etc - hopefully this thread will help :smile:


Certificate to be imported into another device
#4

Here is a HowTo use in manual mode:
https://www.tty1.net/blog/2015/using-letsencrypt-in-manual-mode_en.html