Comments (4)
The error message says that you are using the same key as account.key and domain.key. See steps 1 and 2 in readme. These steps are to create two seperate keys.
The LE client also creates two key pairs. Which one did you use and how did you convert it?
If you do not know exactly what private keys are and how to use them, you'd better use the official LE client.
from acme-tiny.
The error message says that you are using the same key as account.key and domain.key.
See steps 1 and 2 in readme. These steps are to create two seperate keys.
The domain. key is what I missed indeed. Works now like a charm, thanks.
The LE client also creates two key pairs. Which one did you use and how did you convert it?
Of course I wanted to keep the account key tied to my first registration (this remained after an unsuccessful attempt to get a certificate with the le client running on a local machine, because I exactly didn't want to perform the procedure on the server). This left 0000_key-letsencrypt.pem in /etc/letsencrypt/keys, which I used for authentication (and erroneously as the domain.key).
from acme-tiny.
Thread high in Google search results ;) The documentation is somewhat vague on this topic.. or simply I didn't read too carefully. For anyone still having this problem. You need two different private keys! Eg:
openssl genrsa 4096 > letsencrypt-account.key
openssl genrsa 4096 > domain.key
That LetsEncrypt's explicit requirement. Only sign the CSR with the domain.key
, use letsencrypt-account.key
with this excellent tool to register the account. Good luck.
from acme-tiny.
I don't think documentation is vague on this subject at least in acme-tiny readme, which quite clearly has step by step instructions, including generating account key or converting already existing one, and then generating certificate key.
from acme-tiny.
Related Issues (20)
- Consider switching from subprocess+openssl to Cryptography HOT 6
- List out of index error HOT 3
- Allow retry of network requests HOT 3
- Unable to update account :: contact method "" is not supported HOT 3
- Add support for alternate chains HOT 14
- Add option to change acme contact email HOT 2
- The future of acme-tiny? HOT 1
- Potential path traversal issue HOT 7
- 58752c527c9345d23a771d2a93f729aaa8fe7712 causes failure on ubuntu bionic HOT 2
- Regex for subject_alt_names fails on Windows due to \r\n as line break HOT 1
- certificate_pem, _, _ = _do_request() missing items HOT 1
- python(2) vs. python3 HOT 2
- Stack trace on unexpected HTTP response HOT 2
- [patch] minor, documentation. Do explicitly state not supporting challenge for wildcard (DNS-01) in README.md
- If you need to manually obtain the certificate, here is the easy-to-use web page ACME client on the browser, welcome to use🎉
- CERTIFICATE_VERIFY_FAILED on domain letsencrypt HOT 6
- Standalone Mode
- Asynchronous Order Finalization: will this require a change? HOT 2
- need automatic retry for LE server busy response. HOT 5
- acme-tiny has begun to issue return code 1 (indicating error) even on apparent success HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from acme-tiny.