Submit .pem files

Hi,

Is there a way to submit the serverKey.pem and serverRequest.pem files to get a certificate? No certbot involved?

You should never disclose serverKey.pem to anybody at all (not even Let’s Encrypt), the security of your certificate depends on it.

The idea in a CSR (serverRequest.pem) is that it proves you have control of the private key (serverKey.pem) while keeping it entirely private.

Anyway, sure. You can use web-based tools like https://zerossl.com/free-ssl/#crt to submit your CSR and receive a certificate in exchange. You would copy the contents of serverRequest.pem into the text box that says “Paste your CSR or leave it blank to generate.”.

Needless to say, you will have to repeat the process every 60-90 days, by hand.

Hi,

Thanks for the education about the serverkey.pem. I want to get a certificate that wont require constant manual renewal. Is there any way to do that?

Thank You,
Jeff

Of course.

Choose one of the many available clients and set it up for autorenewal:

Short answer: yes, in general it is possible.

Long answer: we need a lot more information about your setup to answer that question with more detail. We don’t have crystal balls in which we magically can get every bit of information we need. For that we need you to provide us with that information. If full automation is possible depends on the software and hardware used et cetera.

Hi All,

Thanks again for your help. I’m new to this. I need a few certs for different things. The one I am asking about is to use with FileMaker server. It has a command line that generates it’s pem files. I want to use the pem to get a crt that will auto renew and insert it into filemaker.

Thank You,
Jeff

You will need to look for what other people have done for FileMaker + automatic Let’s Encrypt renewal.

Here is one example blog post, for FileMaker running on macOS + Certbot + a custom renewal script: https://bluefeathergroup.com/blog/lets-encrypt-ssl-certificates-for-filemaker-server-for-mac/

From what I can see, the custom renewal script should renew your certificate and automatically restart FileMaker. Perhaps try following along with the blog post and see how far you can get.

1 Like

Nice. Will do.
Thank You,
Jeff