So what we have is an invalid Let’s Encrypt certificate; when we try to renew it, the public key changes. Is there a way to preserve the old public key? Our clients have it implemented for SSL pinning purposes.
certbot certificates
shows:
Certificate Name: domain.com-0001
Domains: domain.com api.domain.com beta-api.domain.com beta.domain.com demo.domain.com
Expiry Date: 2018-04-16 11:58:34+00:00 (INVALID: EXPIRED, REVOKED)
Certificate Path: /etc/letsencrypt/live/domain.com-0001/fullchain.pem
Private Key Path: /etc/letsencrypt/live/domain.com-0001/privkey.pem
Renewal actually works, but it generates a new SHA256. Is it possible to preserve the old one? Please help, thanks!
My domain is:
api.domain.com
I ran this command:
certbot --nginx renew
It produced this output:
Renewed certificates, but different SHA256 pin.
My web server is (include version):
Ubuntu server 16.04
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
AWS
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes.
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No.
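Added example, not part of the original post: a check for whether a renewal changed the pin that clients hold. It computes the SHA-256 pin over the certificate's public key (SubjectPublicKeyInfo) and compares it across a reissue with the same key and a reissue with a fresh key. The function names, the throwaway keys and the name api.example.test are constructed for the demo; on the server the inputs would be the fullchain.pem and privkey.pem paths listed above.

```shell
#!/bin/sh
# Constructed demo: throwaway keys and self-signed certificates stand in for
# privkey.pem / fullchain.pem, so this runs offline. Requires openssl.

# Pin = base64(SHA-256(DER SubjectPublicKeyInfo)) of the first cert in FILE.
spki_pin_from_cert() {
    openssl x509 -in "$1" -noout -pubkey |
        openssl pkey -pubin -outform DER |
        openssl dgst -sha256 -binary | openssl enc -base64
}

# Same pin computed from a private key file.
spki_pin_from_key() {
    openssl pkey -in "$1" -pubout -outform DER |
        openssl dgst -sha256 -binary | openssl enc -base64
}

# SHA-256 over the whole certificate; differs for every issued certificate.
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# Write old.crt, reuse.crt (same key) and new.crt (fresh key) into DIR.
make_demo_certs() {
    subj="/CN=api.example.test"   # hypothetical name, not from the post
    openssl req -x509 -new -newkey rsa:2048 -nodes -days 1 -subj "$subj" \
        -keyout "$1/old.key" -out "$1/old.crt" 2>/dev/null &&
    openssl req -x509 -new -key "$1/old.key" -days 2 -subj "$subj" \
        -out "$1/reuse.crt" 2>/dev/null &&
    openssl req -x509 -new -newkey rsa:2048 -nodes -days 1 -subj "$subj" \
        -keyout "$1/new.key" -out "$1/new.crt" 2>/dev/null
}

# compare_pins OLD NEW: prints "same" or "changed"; returns 0 if the pin survived.
compare_pins() {
    if [ "$(spki_pin_from_cert "$1")" = "$(spki_pin_from_cert "$2")" ]; then
        echo same
    else
        echo changed; return 1
    fi
}

tmp=$(mktemp -d)
make_demo_certs "$tmp"
echo "old pin:           $(spki_pin_from_cert "$tmp/old.crt")"
echo "renewed, same key: $(compare_pins "$tmp/old.crt" "$tmp/reuse.crt")"
echo "renewed, new key:  $(compare_pins "$tmp/old.crt" "$tmp/new.crt")"
rm -rf "$tmp"
```

The public-key pin survives only when the renewed certificate is issued over the same key, while the whole-certificate fingerprint changes on every issuance. certbot has a `--reuse-key` option that keeps the existing private key at renewal.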