Moving certificates from GoDaddy to Let's Encrypt

Help
#1

Hi
Our SSL certificates currently provided by GoDaddy will expire in just under 3 months.

I want us to use Let's Encrypt ( certbot ) instead.

I don't want to wait until the certificates actually expired, but I tried a while ago to use certbot but it failed.

I can only think that the reason for the failure was because the certificates were still active at GoDaddy.

I guess my question is: Could I start the Let's Encrypt certificates BEFORE my currently active certificates expire?

I would like to change over without a loss in service , if possible.

Our domain is NOT registered by GoDaddy, ONLY the certificates are.

Kind Regards
Gerrit le Roux
Springboard ASA Ltd.

1 Like
#2

Hi @gerritl

no, that's not relevant. You can have and use different certificates from different CAs.

And please share your complete setup - domain name, command, output, error.

1 Like
#3

Hi @gerritl and welcome to the LE community forum :slight_smile:

In short, yes.

1 Like
#4

Welcome to the Let's Encrypt Community :slightly_smiling_face:

Do you host your website with GoDaddy? Do you have root access? Do you use cPanel?

Depending upon the answers to these questions, I might have a much better/easier/faster option than certbot.

2 Likes
#5

Hi, I ran the "certbot" command, trying to generate / use a certificate:

certbot --apache -d ourdomain.com

I got an error saying that there are no IP addresses linked to this Domain

My question is:

Do I run this command for my entire Domain , or must I include the server name:
certbot --apache -d myserver.ourdomain.com
?

I was also confused about this when creating the virtual host Apache config file,
where the Server is actually pointing to the Domain, as we had a certificate with Godaddy, that covered all servers in the Domain.

I shall post all my details, I just first want to know whether I should use FQDN name or, just the Domain name

Kind regards
Gerrit le Roux

#6

You want the certificate to include the hostnames what the users will type into the address bar of their browsers. (When speaking about HTTP, if we are talking about mail protocols such as IMAP or SMTP, the certificate needs to include the hostnames the users will type into their mail client at the "server hostname" [or equivalent] option and also to include the hostname in the MX record of the domain.)