I wanted to change/replace current self-signed certificate with a new Let’s Encrypt one, and still wondering what’s the proper way to do it.
I am not a technician and thought I could create a new one in a different directory and edit the current sever configuration file to use it instead of the current one, and I could then have more time to figure out how to revoke the old certificate and key or any needed.
(This is for a new mail server which is on a separate machine, that I have been preparing “for a while” so the dns records have already been set.)
I now feel it might be much more complicated thing than I thought…
Do I have to revoke the current things (i.e. self-signed certificate and private key created using openssl) first using the same method as the previous one and then create a new Lets Encrypt one as normal? Or can / should I do this all using the new method (i.e. Lets Encrypt client)?
(When I tried to just create a new one as above, I got an error: status 403, authorization for these names not found existing or expired…)
I can’t seem to tell domain name here.
But I would greatly appreciate any advice and help.