GoFuckYourself.com - Adult Webmaster Forum - Renewing name dot com SSL certificate

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)

- Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)

- - Renewing name dot com SSL certificate (https://gfy.com/showthread.php?t=1357096)

Klen	08-17-2022 07:05 AM

Renewing name dot com SSL certificate

One of the reason why i use name dot com for domains as they provide free SSL which only need to be renewed once every year compared to let's encrypt. However, this have one bad side - once it need to be done , i always forget how it is done and where i stored instructions for it, so i will save it here as well to be faster next time when it's renewal time. If anyone also uses name dot com for SSL, you can use it too.

Step 1:
Generate new SSL key with following command:

openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

FQDN value must be in format www dot domain dot com

Step 2
Copy value from server.csr into SSL generator of name .
Once certificates are generated, concat Server Certificate and CA Certificates into pem file.
Then replace key file with newly generated key file. Restart nginx and that's it.

baodb

08-17-2022 08:36 AM

Sounds awfully complicated. You know you can easily automate lets encrypt right? Also there is buypass which does 6 months and uses the same system as lets encrypt.

sandman!

08-17-2022 08:47 AM

if your using a control panel like directadmin there is no work doing automated ssl i guess yearly is useful if your not using control panels.

CurrentlySober

08-17-2022 08:53 AM

my hosting (dreamhost) does mine for me and its only a cheap host i keep for some legacy stuff

Klen	08-17-2022 09:32 AM

Quote:

Originally Posted by baodb (Post 23034212)

Sounds awfully complicated. You know you can easily automate lets encrypt right? Also there is buypass which does 6 months and uses the same system as lets encrypt.

I know but in order to make it automated you need to run cron and you never know when cron can fail. And also, fact how you need to shutdown nginx first to make it work(tho think they fixed that in newer versions) was something what i dislike too. Plus this is commercial SSL which is better quality.

TurboB

08-17-2022 09:44 AM

I even had forgotten about it.
Since moved to Cloudflare.

Tasty1

08-17-2022 11:16 AM

Goes automatic in cpanel, that is why i use that.

blackmonsters

08-17-2022 12:20 PM

Quote:

Originally Posted by Klen (Post 23034240)

Nope, nope, no.

I run Plesk and free Let's encrypt, and it renews automatically.
It only failed once; on new domains using the register's DNS instead of mine.
Been running smooth since.

:2 cents:

Sly	08-17-2022 01:25 PM

I will pile on.

If we were still messing with SSL certificate renewals manually, I would have no hair left.

baodb

08-17-2022 07:37 PM

Quote:

Originally Posted by Klen (Post 23034240)

Honestly I do not think that there is even a way for free domain level certs to have a difference in quality.

Anyway you do not need to shutdown NGINX with something like acme.sh, it can modify the nginx config and reload in place to renew. Alternatively you can use DNS auth which you can even do on a different machine than the production one, also fully automated if your domains are hosted somewhere with DNS API.

bigalownz

08-18-2022 04:23 AM

try this

https://github.com/acmesh-official/acme.sh

i installed this a few years ago never had any problems
it updates for all of my domains sites etc

All times are GMT -7. The time now is 07:38 AM.