It sais it's valid for a few months, how does the renewal work?
And I think I did something wrong, I removed the TXT record and I don't think it was supposed to
Is there any way to automatically be renewed?
Thank you!
// The certificate is used in Microsoft PowerPages.
Hi @nekakyjot, and welcome to the LE community forum
Certbot should be configured [via cron type job] to renew all certs that it manages.
You can see which certs certbot is managing with: certbot certificates
You can review cron and systemd timers to ensure certbot is configured to renew.
That said, without added instruction, a certbot renewal will only renew the cert.
All other steps will then need to be repeated:
create .pfx file from latest cert
import .pfx file into Windows
ensure PowerPages is using the latest certificate
With that said, and not knowing exactly what system you are using, nor what PowerPages is...
I would recommend that you look into using a [proper] Windows based ACME client.
Like: Posh-ACME or CertifyTheWeb
EDIT: Note: If there is a plugin that works with DSP, then that is the simplest way to automate this.
Instead of doing it:
Thing is the certificate I got I manually uploaded to PowerPages, so I guess each renew will need to be uploaded again?
Since it's in PowerApps, I can't run certbot there, or I can run it on another server?
I see.
Power Pages is a platform, it's in the cloud.
For now, on my local machine I have cert.pem chain.pem fullchain.pem privkey.pem in /etc/letsencrypt.
In 3 months time do I run again sudo certbot certonly --manual --preferred-challenges dns -d domain.com?
It will give me a new TXT record to add right?
Thing is today when generating I did some mistakes, and I run it 5 times, just the first time it told me the TXT acme, after that it did not, it just generated the files again I guess.
LE saw the same account asking for a cert on a name it had already [recently] authenticated it for.
So, LE did not require reauthentication.
[that will NOT happen beyond 30 days]
It's called dandomain.dk.
Let's say they have a plugin, won't I need to manually upload the cert into the PowerPages? Or the DNS TXT record will make it so there is not need to upload the file in the PowerPages admin panel?
You do need to create a complete automation process.
Automating the cert renewals is only part of that.
Updating PowerPages is another part - but I'm confident that there must be ways to automate that as well.
I'm not familiar with:
Maybe you can check through their website OR speak/email with one of them to see if they support DNS automation.