Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cloud Foundry upload fullchain.pem #17

Open
bkrencker opened this issue Sep 15, 2020 · 6 comments
Open

Cloud Foundry upload fullchain.pem #17

bkrencker opened this issue Sep 15, 2020 · 6 comments

Comments

@bkrencker
Copy link

bkrencker commented Sep 15, 2020
edited
Loading

Hi Ben

I am stuck with the certificates after successfully generating them. I have four files from letsencrypt but I am unsure how to proceed next with those files.

  1. cert.pem
  2. chain.pem
  3. fullchain.pem
  4. privkey.pem

It should be possible to upload fullchain1.pem certificate to Cloud Foundry to a Custom Domain but I do not find the right commands in the CLI. Could you please clarify about the steps needed after the certificates are created with Let's Encrypt?

Best regards,
Ben
@bkrencker bkrencker changed the title Cloud Foundry upload fullchain1.pem Cloud Foundry upload fullchain.pem Sep 15, 2020
@bsyk
Copy link
Owner

bsyk commented Sep 15, 2020

Certificates for custom domains are handled differently depending on who your cloud foundry provider is. You should be able to find instructions on their help pages. Let's Encrypt certificates can be treated in the same way as any other certificate from this point on in the process.

Which cloud foundry provider are you using?

If you're using IBM's Bluemix there is a fork of this repo that will handle uploading the certs automatically for you. https://github.com/ibmjstart/bluemix-letsencrypt

@bkrencker
Copy link
Author

I try to get it working on SAP Cloud Platform (Cloud Foundry Stack) and managed to adjust your script to get it working on this platform. But it looks like you have to create a private key manually and then sign the CSR manually at a CA..

I tried to jump right to the point where I can upload the Certificate from Lets'Encrypt but it was not working. See SAP instructions here.

@bsyk
Copy link
Owner

bsyk commented Sep 16, 2020

I'll get a trial account and do some testing. I haven't used SAP's CF before so am not familiar with their HTTPS setup.

@bkrencker
Copy link
Author

As far as I know it is not possible to use Custom Domains in trial account..

But I got a hint that it is possible with Let's Encrypt (certbot) to get a certificate chain by providing a private key and CSR.. this is what I was about to try but I did not have enough time today..

@bkrencker
Copy link
Author

See https://blog.sengotta.net/lets-encrypt-zertifikat-mit-eigenem-private-key-und-csr/

@bsyk
Copy link
Owner

bsyk commented Sep 16, 2020 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bsyk @bkrencker