Under what circumstances is it possible for a domain to change hands, and then a new certificate issued to a new entity for the same domain name? A web site owner recently died and may or may not have left sufficient information for other people to be able to take over control, which may mean that the domain will have to expire and then be reclaimed by a new owner of the same content. The web site is currently serving a LetsEncrypt certificate. After the domain changes hands, will LetsEncrypt recognize the new owner and permit a new certificate, or does something else need to be done to permit this?
Let's Encrypt certificates have no relationship with the domain registrar or the domain owner. Anyone with control over a domain can request a certificate from Let's Encrypt.
This is one of many reasons why Let's Encrypt certificates have short lifetimes: This ensures that domain control is frequently re-validated and prevents an unauthorized entity previously controlling the domain to receive new certificates over a prolonged period [overlaps "old cert still valid, but ownership changed" are still possible, but not for 1+ years).
This does not mean that the current certificate has to expire before a new one can be issued - certificates can (and should be) issued before older ones have expired.
Cool, thank you. I suspected that might be the case. So as long as we can get the domain transferred, everything else should be fine.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.