Revoking my certs

JustinCS · January 23, 2016, 3:43am

Hey everyone, my name is Justin. I’m a 17 year old highschool student working on a startup.
Ok, so I really screwed up. I’ve been running a webserver on AWS for like a week now. So far, the web app is coming along great. I decided instead of coding the app this weekend, I’d just optimize the server, install an SSL cert and do some administrative work for the company. I didn’t realize how hard it would be to install an SSL cert on AMI linux. I screwed up like 15 times, I kept deleting and re-running the auto install script, almost each time following a different tut. Anyways, now I just completely got rid of the instance, and decided to start a new one

Here’s the thing now. I didn’t realize I had to revoke each certificate manually before I deleted them. Now my question is, is there any way letsencrypy can just revoke all cert(s) for my domain? Or is my understanding still off? Do I need to revoke the cert(s) at all?

Also, what OS has the most support for lets encrypt?

Fsantiago1979 · January 23, 2016, 5:56am

I believe the LE guys use Ubuntu primarily.

You don’t have to revoke. Just let them expire. They’re only good for 90 days anyway.

No, I don’t believe LE can or would simply revoke them for you.

serverco · January 23, 2016, 8:29am

Remember there are limits of 5 certs / domain / 7 days … you may have already hit those limits. Best to use the testing server to start with ( which hasn’t got the same limits).

tlussnig · January 23, 2016, 10:17am

As serverco said there is an limit of 5 cert/domain per 7 days. So it could not be possible to issue 15 certs inn one week. And since nobody have your private key the certificates are not compromised and can not be misused.
with crt.sh you can check how many you really created.

JustinCS · January 23, 2016, 2:48pm

Will it be an issue if I have multiple certs for the same domain?

-EDIT: Also, I didn’t do it exactly 15 times, I was just estimating. In reality, It was probably more like 4-5.

schoen · January 27, 2016, 7:23pm

@JustinCS, having multiple certs for the same domain is fine; neither Let’s Encrypt nor the browsers will give you a problem with that, except for Let’s Encrypt’s rate limit on issuance.

If you have users who use a browser extension like Cert Patrol and have previously visited the site, they’ll see a warning about the new cert (but very, very few users use these tools, and they’ll also see warnings when other sites that use Let’s Encrypt naturally change certs over time).

JustinCS · January 27, 2016, 7:35pm

Thanks a lot for the help guys I really appreciate it. Unfortunately, I just installed a cert with Amazon today. Maybe I will use lets encrypt in the future. Thanks again.

Topic		Replies	Views
Revoking a lost certificate	10	11252	December 10, 2015
So i accedently "reached my limit" some how Server	13	2642	February 27, 2016
How to clean up my tests	10	4451	March 4, 2016
Many certificates already issued for Help	2	501	May 3, 2020
How to revoke a cert if the cert is not available? Server	4	1733	February 25, 2016

Revoking my certs

Related topics