You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Let's Encrypt Client Development, Let's Encrypt CA Development
Hi all,
What is the protocol/procedure used under the hood to renew a Letsencrypt certificate? I obtained an Letsencrypt certificate on Dec of 2015 with my own client (not the Python client provided by Letsencrypt), the certificate is going to expire soon.
Now the following informations are available after obtaining a Letsencrypt certificate.
1. Account RSA key pair
2. RSA key pair for Letsencrypt issued certificate
3. CSR for Letsencrypt issued certificate
4. Letsencrypt issued certificate
5. URL for Letsencrypt issued certificate
6. Domain name
Can someone elaborate the renew protocol in details? How the above informations are used to renew a certificate?
Thanks a lot for the help,
/Kaiduan
Daniel Roesler
unread,
Feb 15, 2016, 12:26:36 PM2/15/16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Kaiduan Xie, Let's Encrypt Client Development, Let's Encrypt CA Development
For acme-tiny, we just run the same procedure as getting a new
certificate. You can even use the same CSR as before.
POST /acme/new-authz (request new challenges for the domain)
POST /path/to/challenge (notify of challenges met)
GET /path/to/challenge (wait for the challenge to turn valid)
...repeat as needed for multiple domains