Retrieving issued certificates from CT


#1

It would be really nice increasing the rate limit or letting us know how to either retrieve the certificates (and install them properly) or how to revoke them


Server 500 but certificate still issued
#2

Revoking the certificates doesn’t remove them from the rate limit - so doesn’t really help in that sense

Certificates can be retrieved searching for your domain at https://crt.sh and find the certificate you want to retrieve - on there, when you see the details - you can click on the “certificate” link - and get a copy of your cert.


#3

And how would I use this certificate without a private key?
I really have no clue what to do.


#4

Hopefully you still have your private key that was used - unless you have deleted it.


#5

Just an additional thought - is your problem related to this topic ( server 500 but certificate still issued ) ? or have you just hit the rate limit doing some testing or something ?


#6

I hit the rate limit because of this issue.

And I honestly don’t know whether I have the key or not. They are usually stored at /etc/letsencrypt/live/subdomain.example.com/privkey.pem
The corresponding folder doesn’t exist.
Also I usually use /etc/letsencrypt/live/subdomain.example.com/fullchain.pem in my configs. And if I understand it right the file I downloaded would be the equivalent of /etc/letsencrypt/live/subdomain.example.com/cert.pem

I honestly don’t know how all that certificate stuff works. So far I only have copy pasted commands without understanding how they work.

If this is off-topic should I ask a separte question?


#7

It’s probably as well to start a fresh question, yes ( as a user here I don’t have permission to split this topic).

If you could include in what your system is ( operating system, and if using apache or nginx ) and exactly what commands you have run.