hi
i have a SAP system, and install LetsEncrypt Certificate of 3rd Party Company.
The problem, as i understand from our colleague, that the certificate changes, each 2 month !!??
In order to keep the program working, we need to install it again.
Is there a way to get certificate for a couple of years ?
OR a script to install automatic the certificate?
Any help Please
Hi @AKRAMHA
That's the normal usage of Letsencrypt certificates, these are always only 90 days valid.
Start with some basics.
Then select a client.
Then start and create your own certificate.
The industry has been pushing all certificate authorities to use shorter lifetimes recently. You will no longer be able to get publicly-trusted certificates with lifetimes much longer than one year:
Let's Encrypt has encouraged this kind of change and encouraged everyone to automate certificate renewal. As @JuergenAuer said, Let's Encrypt's certificates
The 60 day interval that your colleague mentioned is Let's Encrypt's recommendation for when to (automatically) replace the certificate.
Hopefully your SAP environment has an API that could be used to update the certificate from software, in combination with one of the Let's Encrypt client applications that @JuergenAuer mentioned. If not, consider using a reverse proxy to terminate incoming HTTPS requests and forward them to your SAP application. For example, you could use an nginx or Caddy server to receive the HTTPS connections and then forward them to SAP. This process can be extremely simple with Caddy!
(As Caddy has its own built-in automated Let's Encrypt client, it would also handle all of the certificate requests and renewals for you.)
Thank you very much for your quick answers.
I understand the idea about short term certificates, its sufficient and lots of customers uses this way.
However, as i mentioned earlier, we have SAP System, and we must to upload the certificate into our server, therefore each two/three months we have to change it !!
so, we need someone, to update it before it ends
best regards
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.