macOS: Certbot successful, where are , crt and .key files?

ariezttd · February 5, 2024, 6:34pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
nsitech.net
I ran this command:
sudo certbot certonly --standalone
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel): nsitech.net nsitech.app

You have an existing certificate that contains a portion of the domains you
requested (ref: /etc/letsencrypt/renewal/nsitech.net.conf)

It contains these names: nsitech.net

You requested these names for the new certificate: nsitech.net, nsitech.app.

Do you want to expand and replace this existing certificate with the new
certificate?

(E)xpand/(C)ancel: E
Renewing an existing certificate for nsitech.net and nsitech.app

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/nsitech.net/fullchain.pem
Key is saved at: /etc/letsencrypt/live/nsitech.net/privkey.pem
This certificate expires on 2024-05-05.
These files will be updated when the certificate renews.

NEXT STEPS:

The certificate will need to be renewed before it expires. Certbot can automatically renew the certificate in the background, but you may need to take steps to enable that functionality. See User Guide — Certbot 2.9.0.dev0 documentation for instructions.

If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt: Donate - Let's Encrypt
Donating to EFF: Support EFF's Work on Let's Encrypt | Electronic Frontier Foundation

My web server is (include version):
Server version: Apache/2.4.56 (Unix)
The operating system my web server runs on is (include version):
macOS Sonoma
My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

9peppe · February 5, 2024, 7:06pm

If you need other formats you have to script any conversions you want, see the openssl x509 manpage and the --deploy-hook certbot command line option.

MikeMcQ · February 5, 2024, 7:32pm

Apache can use the .pem files directly. The .crt and .key names are arbitrary.

rg305 · February 5, 2024, 9:03pm

ariezttd · February 5, 2024, 9:29pm

Thank you

system · March 6, 2024, 9:29pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Noob With No More Support From Developers and Need to Either Renew Cert or Get a New One Help	14	736	May 3, 2019
Create new certs on Macbook M4 Help	10	52	March 1, 2025
Certbot "successful", but still don't have an ssl certificate Help	37	3815	February 14, 2020
How to renewel the crtbot certificate Help	2	958	March 1, 2019
Regarding renewing certificate Help	3	601	May 6, 2021

macOS: Certbot successful, where are , crt and .key files?

Related topics