Making a certificate for a different server

Before I install certbot on a Linux server I want to check this is possible. I want to make certificates on the Linux server and then export them to my firewall. Is it possible to use Let’s Encrypt to make certificates on the Linux server and then export them to the firewall and other servers going forward?

1 Like

Welcome to the Let's Encrypt Community, Michael :slightly_smiling_face:

Yep. That's very common, especially in the case of load balancers acquiring and distributing certificates to workers. Just be sure to export their private keys securely.


Thanks for the quick reply. Any thing special I need to do?

I found this article. Does that look like the best approach?

1 Like

That guide mostly is about getting a certificate in the first place. And badly at that too. Using the dns-01 challenge manually is very much discouraged as it prevents automated renewals.


The best starting place is to understand the way that Let's Encrypt verifies challenges for issuing certificates, particularly the HTTP-01 challenge.

If you want to read through a PHP ACME client that's well-commented to gain a better understanding of the ACME process, you can download my single PHP file CertSage ACME client (certsage.txt).


It is difficult to be sure, since you haven't provided any information on the firewall (and it's certificate requirements).
I would start with what the firewall needs.


This certificate won’t be able to auto renew as the firewall doesn’t have that option. It is a Sophos XG firewall. I am happy to manually renew the certificate. I just want to be able to create them and I will deal with the renewals.

Well... The acme client usually is on the same machine as the webserver, but it doesn't have to be.

You can autorenew via dns-01 challenge and use a deploy hook to push the certificate on the server.


My domain is using Route53 so looks like have some options there.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.