Hi, I am a new team member at Thirdwave Automation, and I was checking the certificate for the company website.
My domain is:
www.thirdwave.ai
When I check the information on the cert, I see that it is valid until March 20, 2022.
I have been asking around the organization, but no one seems to know how the cert renewal was managed.
By any chance, would Let's Encrypt know the email address that was used to renew the certificate?
Thanks in advance for any and all help.
I'm pretty sure Let's Encrypt doesn't hand out email addresses (if possible at all, probably requires manually fetching from their database) to apparent random users claiming to be a team member of some company 
I'm also pretty sure you didn't want to have your own email address handed out to random strangers from the internet claiming to be someone they're not.
But: nothing ventured, nothing gained, so let's ask @lestaff anyway
Thanks! I am totally new to this, and I wanted to make sure that the cert for the company's site does not expire. I am also trying to find out the details about the site so that I can try and find out more information.
It's probably well automated and whoever set it up in the beginning did it this way. It's been renewing automatically every two months since then. (== june 2018 crt.sh | thirdwave.ai)
Look for an acme client (certbot, most likely) on your webserver.
Thanks!! I really appreciate it. I will check there.
The certs seem to be renewed on a regular schedule.
See:
crt.sh | www.thirdwave.ai
I would look for a scheduled task (cron or systems timer) that is set to renew them.
Based on a quick look at your site (which has a Varnish cache front end service) I'd make a guess that perhaps you are using GitHub - hlandau/acmetool: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt) since this is what you get as a suggestion when googling varnish cache lets encrypt: Five Steps to Secure Varnish with Hitch and Let's Encrypt
Everyone. Thanks for all of the help. It looks like the site that we have is managed by webflow, and the cert is set up when the site gets set up. I am working to find out if I can get root level access to the site.
I do have a somewhat related question. I think the current cert is for www.thirdwave.ai Is there a way I can create a wildcard cert like *.thirdwave.ai if I do not have root access to the machine? Apologies for all of the newbie questions.
If you have access to modify the dns records for the parent zone (thirdwave.ai.) you can.
Otherwise, you can't.
Thanks again! Okay. I will chase down the DNS records. I really appreciate all of the help. Everyone on here is has been super helpful.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.