Happy hacker CA?


#1

I successfully registered one subdomain using the letsencrypt-auto command. It worked beautifully. Afterwards, I was attempting to do the same thing for another one of my subdomains on the same box, and I’m getting a ‘test’ certificate back.

For subdomain1 I ran the following
~/letsencrypt/letsencrypt-auto certonly --webroot -w /var/www/html/ -d subdomain1.example.com

When I look at the cert content, it shows the following:
Issuer: C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X1

For subdomain2 I ran the same command, substituting the -d flag with the new subdomain
~/letsencrypt/letsencrypt-auto certonly --webroot -w /var/www/html/ -d subdomain2.example.com

When I look at the certificate for this subdomain, it shows the following:
Issuer: CN=happy hacker fake CA

In between the two runs, I added a cli.ini file to attempt to suppress the ncurses prompts. I tried removing it, but it still seems to be generating this bogus certificate.

Any help is appreciated. Thanks!

System Info:
letsencrypt 0.1.1
Ubuntu 14.04.1 LTS
Apache/2.4.7 (Ubuntu)


#2

You most likely used the staging server during the second request
--server https://acme-staging.api.letsencrypt.org/directory

Use the real server instead to receive a working certificate.


#3

This was it. Thank you for the fast response!!

I reran with the following command and everything worked as expected:

letsencrypt-auto certonly --webroot -w /var/www/html/ -d subdomain2.example.com --server https://acme-v01.api.letsencrypt.org/directory