Does certificate renewal involve reinstalling certificate? (standalone, shared web-hosting environment, IIS)


#1

My website is hosted in a shared hosting environment. I ran a standalone .net acme client (https://github.com/oocx/acme.net) to create a challenge file on my home machine. Then while it waited I used ftp to transfer the file to my web-server under ‘/.well-known/acme-challenge’ (after creating those folders on web-server), put a web-config file in ‘.well-known’ folder to allow reading an extension-less file as plain/text and then continued with the acme client which generated .cer and .pfx files. I gave these files to the hosting company who then obliged and installed it for me on the web server. And my site then worked on https!

Now i received an email about certificate nearing expiry date and wanted to know if I should do the whole procedure again or is there an easier method that I am missing? (I read through the renewal posts and they seem similar to generating certificate for first time) Does renewing a certificate mean re-installing it on web server? (I don’t mind the certificate generation procedure, but am not sure if hosting company will like to install it for me every 3 months)


#2

Yes, I’m afraid you need to do the same procedure every time the certificate is to be renewed. If you don’t have access to a shell and the web server configuration, your hosting provider needs be involved every time.

I guess the idea is that hosting providers should add their own implementation of lets encrypt (some have) that handles certificate renewal automatically.