Using a custom CSR


I want to generate a cert, for a server that can’t run letsencrypt. I created a Debian VM with the same IP/FQDN of the real server. I want to use my CSR from the REAL server, to get the certificate signed on my temporary Debian server. Then I’ll take that certificate over to the REAL server.

Seems like it would work in theory and the FAQ says you can use custom CSRs … anyone have any thought or Ideas? Specifically, what is the letsencrypt syntax to use a custom CSR?



Get the CSR in DER format and use --csr /path/to/csr.der instead of -d flags. The certs will be put in the current working directory instead of /etc/letsencrypt