Renew a certificate requires the old domain key?


I have some questions:

About two months ago I issued my first LE certificate. To renew this certificate I need the same key as the first certificate or can it be a new key?

How many days before it expires to submit a renew?

Renew certificate also requires a new domain validation?


You can use your existing key or use a new one. From Let's Encrypt's perspective, renewals really are just new certificates.

There's no rule for this as such, other than the rate limits, which would prevent you from renewing more than 5 times a week. The recommended renewal schedule would be 30 days before the certificate expires (in other words: every 60 days).[quote="dioobr, post:1, topic:30544"]
Renew certificate also requires a new domain validation?

Roughly speaking, yes. More specifically, existing validations can be re-used for a couple of days (I think it's 7 right now), but it's easiest to just assume you'll need to re-validate every time.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.