I just receive an invite today. Already test to generate the cert using webroot. My question would be for renewal. Does I need to re-authenticate the domain again? My problem is, I will used the domain for wifi captive portal login page. This will be a private lan. Initially I would be able to chan…

i believe it has to re-validated again on renewal @bmw @kelunik @jsha ?

You will need to re-authorize the domain periodically based on the expiry time of the authorization object. Currently the authorization lasts ten months. So you will be able to do your next few renewals on one authorization, but in ten months you will have to re-do the authorization process.

thanks @jsha for the clarification is there any reason it’s set to a specific number as 10 months ? and not 12 months etc ? if i ran webroot authentication via cronjob every 2 months, would that still re-authorize each time so that 10 months gets extended every 2 months ?

Actually, I misspoke: The idea behind authorizations lasting for ten months (currently) is that they provide a full year of coverage, assuming you renew your cert every 60 days. So you wouldn’t need to reauthorize for a full year, assuming you issue a cert right before the authorization expires. I …

thanks @jsha for the information :slight_smile:

Meaning to say, for current setting (10 months) I need to re-set the DNS to public IP roughly once a year for domain re-validation? For renewal, as long as authorization object still valid I just need the internet connection? Another one, if I got authorization to abc.com , can I generate sub domain…

[image] aneip: Meaning to say, for current setting (10 months) I need to re-set the DNS to public IP roughly once a year for domain re-validation? For renewal, as long as authorization object still valid I just need the internet connection? That's correct. [image] aneip: Another one, if …

@aneip there will be another option. You can use the same domain for Outside and Inside. Inside for example you point to 192.168.0.1 and outside to an official IP that host Maybe some other side of you. And than can be used for domain validation.

@jsha I think that reauthorization time should be no matter whether it’s 10 or 12 months or whatever NO LESS than the expiry of the domain, also it could be helpful to re-do the authorisation if the whois record changes. (for example using a hash of the whois record data about the owner) because an…

[quote=“My1, post:10, topic:3971”] also it could be helpful to re-do the authorisation if the whois record changes. (for example using a hash of the whois record data about the owner) [/quote] could be problematic for folks like me using private domain whois and where the registrar auto rotates th…

Renewal process

Server

Topic		Replies	Views
Does the renewal of certificate follow the same process as issuing a new certificate? Issuance Policy	8	4449	October 15, 2016
Certificate Failed to Renew - authorizations for these names not found or expired Issuance Tech	2	3202	July 13, 2017
Cert failed to renew - authorizations expired? Issuance Tech	8	3757	August 5, 2017
Domain verification question(s) Client dev	6	2114	April 25, 2016
Is reauthentication always mandatory when renewing? Help	3	619	June 3, 2020

Renewal process

Related topics