Forget password, cannot revoke


#1

yestoday i installed letsencrypt on a fresh new server, after i launch the code:
./letsencrypt-auto certonly --standalone --email xjiaoyang@outlook.com -d mysite.com
i am sure the i input a password in the shell which i forget later.
after i get these pem file, i follow this link to integrate with spring boot application:
StuAtGit/LetsEncrypt and this melo’s blog post, but when at the last step ‘import chain’, it did not work because i forget the password, i remeber that the shell says i can recover my credential by my email, but i dont know how to do that.


#2

also, this is my very first time working on letsencrypt. my domain and email was never used before.


#3

Hi @xjiaoyang, I’m not sure what password you’re referring to because I don’t think our client ever asks for a password.

Are you specifically interested in revoking the certificate, or did you want some other kind of help? Do you still have your site’s privkey.pem file? (For example, it might be in /etc/letsencrypt/live/mysite.com/privkey.pem)


#4

Hmm, what password doesn’t ask for a password?


#5

Oops, that was a typo! I’ve edited my post to correct it.


#6

Hello @xjiaoyang,

As @schoen said, letsencrypt client doesn’t ask for a password, the only password request you could get when running the command ./letsencrypt-auto certonly --standalone --email xjiaoyang@outlook.com -d mysite.com is for sudo just because ./letsencrypt-auto executes the command sudo /$HOME/.local/share/letsencrypt/bin/letsencrypt and if you are running the letsencrypt-auto command as a non-root user and depending on your sudo conf, it could ask for your user password, that’s all.

Anyway, I think the password you can’t remember is for the command:
sudo openssl pkcs12 -export -in cert.pem -inkey privkey.pem -out [pkcs_filename].p12 -name [name]

That command has no relation to letsencrypt, it’s just an openssl command to export your cert/key to pkcs12 format. If that is the case, you can run the command again and this time, please, remember the password you use to export the cert in pkcs12 ;). After that you can follow the steps documented in that github/StuAtGit tutorial to import a cert in keystore.

Good luck,
sahsanu


#7

@sahsanu @schoen
thanks, i will try this next week (rates limit reason)