Windows and Apache

Hello.

I use xampp / apache on windows.

Certbot does not seem to have been built for windows / apache. Can you give me another suggestion on how to get started with lets encrypt? It does not feel safe to choose a third party for this or maybe you have some trusted partners?

Best regards.

1 Like

Certbot is not yet officially available for Windows, but will be in the future.

I don’t think there is an officially blessed Windows client.

There is a list of Windows clients here: https://letsencrypt.org/docs/client-options/#clients-windows-/-iis

I’ve seen people successfully using most of those listed clients.

1 Like

Hi az, thanks for your reply.

But when I use the other clients, where are the keys and certificates created? Is that part still happening at Lets Encrypt, or is it a conversation between me and the third parties?

It is not good if I use a bad client and keys end up in the wrong hands

1 Like

That is a valid concern.

However, all of those clients are completely open source, so you can always verify that they are not sending your private keys anywhere. (And none of them do, as far as I know).

You can, of course, try to run Certbot on Windows via Python. It does work to some extent, but probably not with all of the functionality you need (such as automatically configuring Apache).

It’s better to stick to the other Windows choices for now.

1 Like

Is it possible to request a certificate from lets encrypt server directly and handle thing manually?

Best regards

1 Like

Those clients do request a certificate from the Let’s Encrypt server directly

But no, you can’t do it without a client. You need one to perform all of the cryptographic operations required by the ACME protocol.

1 Like

Hello az.

Okey, I understand.

So this workes now for one of my websites. I generated and downloaded some files direct from zero ssl’s online tools. Then I made some updates in my apache ssl config file. However, this process is just for one website, what if I want to host multiple websites om my server.

Can I have a certificate that covers the entire server and all the websites in it? Or do I have to make a new request for each website and also add each website in my ssl config file?

What solutions are there and what do you suggest?

Best regards

1 Like

you can do as you want, but LE only allows up to 100 names in a single certificate.

1 Like