I’m able to run letsencrypt using manual mode given the following script. When I do so, it creates a file that contains the cert and the chain in a single file called 0000_chain.pem in the same directory that the csr exists in. Is there a way to (1) generate the cert and chain as two separate files and (2) name the location of those files. I’m wondering because haproxy requires a pem file of the following format cert+privkey+intermediate+dhparam and the letsencrypt-auto command below generates a file that I have to parse out the cert and chain files and inject the key file. It would be much easier to cat each of the pieces together.
I suspect that there’s a way to generate the cert and chain file as separate files, but can’t seem to find an option in the readme that suggests how to do it. Any ideas? Thanks for reading.
Today, I also made a certificate with the --csr option and I too ended up with those 0000-files in the current directory I was running the letsencrypt script from.
But I ended up with three pem-files:
0000_cert.pem: my certificate
0000_chain.pem: the IdenTrust intermediate certificate
0001_chain.pem: the two files above concatenated together.
So perhaps you can check again if you’ve got those files to be sure? Because I think you need those two 0000-files I mentioned, right?
I’m having an issue with this file naming behavior, although I’m using webroot mode rather than manual. I’m instructing the client to save its resultant files to a specific paths, but the client instead saves the files to names with an added prefix of 0000_ (or such).
For now I am working working around this by deducing and renaming the files after the fact, but it would be simpler if the client could be relied on to use the exact file names specified for its result files. (And if a file already exists at that path, I’d rather see an error thrown than have to grep the output for a surprise name, but I could guardrail against that myself.)
Is this a bug, or is this behavior required for some reason? If the latter, is there a way to disable it?