New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to use same certificate on different server (different port) but same DNS #2005
Comments
Your certificate should be installed! I'm closing this issue since I believe I answered your question, but if continue to have problems, comment and I'll reopen. |
Nevermind, it works great, thank you |
Out of curiosity, you can't have auto-renewal set up in multiple machines, right? So if you want to use the same cert on multiple machines, you would have to renew it on one of them and then copy the certificate files again to the rest, correct? |
@jportoles, correct. Nothing like that is currently supported in the client. You'd have to write a wrapper script around Certbot to get that kind of functionality. #2782 might make this a bit easier, but you'd still have to provide a script telling Certbot what to do with the certificate once it's been obtained. |
@bmw Got it, thanks! We'll probably just set up a "master" machine that renews and propagates to the rest when the renewal is due. |
requires additional setup but this removes the need to copy the certificate(s). |
Hi casper-gh/bmw, |
Never mind. All working thanks anyway. |
hey @harlock74, sorry for late response, glad you figured it out. Did you use Certbot or Letsencrypt? I was unable to do this using Certbot, so I had to run this Let me know how to did this using Certbot. Thanks |
Hi @casper-gh , many thanks for coming back to me. Very much appreciated.
Something odd it is happening though. If I start from a fresh jessie lite on my first Raspberry Pi I can re-install the same certificate by using the commands above. However if I start from a fresh jessie lite on my second raspberry Pi then the same procedures don't work anymore. I have also changed the ssl port from 443 to 444 on my second Raspberry Pi by editing the files below:
I am now struggling. I would really appreciate if you could shed some light as I am sure I am missing something, but I wouldn't know what. |
@harlock74 Not sure I understand it correctly, but on the first machine (port 443), you don't need to run the cmd with On the second machine (something else rather than 443), you must run the letsencrypt cmd with Hope this helps. |
@casper-gh Then from the first machine I copy on the second machine the 4 files cert.pem, privkey.pem, chain.pem, and fullchain.pem. On the second machine (ssl port 444): Is that correct? |
Eureka! It's working like a charm and using certbot and not letsencrypt! |
@harlock74 For the first machine I only ran |
Hi @casper-gh, After creating a certificate with letsencrypt on your first RPi:
|
I have successfully created a certificate using letsencrypt on one of my apache server.
On my second server, I just forward a different port (4430) to this machine, ie, accessible by:
https://mydomain.duckdns.org:4430
I tried the same procedure to install letsencrypt
./letsencrypt-auto --apache -d mydomain.duckdns.org
on this machine but got this error:Question is, how can I use the cert created by letsencrypt on my first machine on my second machine?
The text was updated successfully, but these errors were encountered: