Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact us.

Post New Thread Reply

Register GFY Rules Calendar
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >
Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed.

 
Thread Tools
Old 08-17-2022, 07:05 AM   #1
Klen
 
Klen's Avatar
 
Industry Role:
Join Date: Aug 2006
Location: Little Vienna
Posts: 32,235
Renewing name dot com SSL certificate

One of the reason why i use name dot com for domains as they provide free SSL which only need to be renewed once every year compared to let's encrypt. However, this have one bad side - once it need to be done , i always forget how it is done and where i stored instructions for it, so i will save it here as well to be faster next time when it's renewal time. If anyone also uses name dot com for SSL, you can use it too.

Step 1:
Generate new SSL key with following command:

openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

FQDN value must be in format www dot domain dot com

Step 2
Copy value from server.csr into SSL generator of name .
Once certificates are generated, concat Server Certificate and CA Certificates into pem file.
Then replace key file with newly generated key file. Restart nginx and that's it.
Klen is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 08-17-2022, 08:36 AM   #2
baodb
Confirmed User
 
Industry Role:
Join Date: Jan 2021
Posts: 103
Sounds awfully complicated. You know you can easily automate lets encrypt right? Also there is buypass which does 6 months and uses the same system as lets encrypt.
baodb is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 08-17-2022, 08:47 AM   #3
sandman!
Icq: 14420613
 
sandman!'s Avatar
 
Industry Role:
Join Date: Mar 2001
Location: chicago
Posts: 15,432
if your using a control panel like directadmin there is no work doing automated ssl i guess yearly is useful if your not using control panels.
__________________
Need WebHosting ? Email me for some great deals [email protected]
sandman! is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 08-17-2022, 08:53 AM   #4
CurrentlySober
Too lazy to wipe my ass
 
CurrentlySober's Avatar
 
Industry Role:
Join Date: Aug 2002
Location: A Public Bathroom
Posts: 38,677
my hosting (dreamhost) does mine for me and its only a cheap host i keep for some legacy stuff
CurrentlySober is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 08-17-2022, 09:32 AM   #5
Klen
 
Klen's Avatar
 
Industry Role:
Join Date: Aug 2006
Location: Little Vienna
Posts: 32,235
Quote:
Originally Posted by baodb View Post
Sounds awfully complicated. You know you can easily automate lets encrypt right? Also there is buypass which does 6 months and uses the same system as lets encrypt.
I know but in order to make it automated you need to run cron and you never know when cron can fail. And also, fact how you need to shutdown nginx first to make it work(tho think they fixed that in newer versions) was something what i dislike too. Plus this is commercial SSL which is better quality.
Klen is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 08-17-2022, 09:44 AM   #6
TurboB
Confirmed User
 
TurboB's Avatar
 
Industry Role:
Join Date: Dec 2016
Posts: 1,046
I even had forgotten about it.
Since moved to Cloudflare.
TurboB is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 08-17-2022, 11:16 AM   #7
Tasty1
Confirmed User
 
Tasty1's Avatar
 
Industry Role:
Join Date: Jan 2005
Location: South-America
Posts: 9,504
Goes automatic in cpanel, that is why i use that.
__________________

everything is fake
Tasty1 is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 08-17-2022, 12:20 PM   #8
blackmonsters
Making PHP work
 
blackmonsters's Avatar
 
Industry Role:
Join Date: Nov 2002
Location: 🌎🌅🌈🌇
Posts: 20,621
Quote:
Originally Posted by Klen View Post
I know but in order to make it automated you need to run cron and you never know when cron can fail. And also, fact how you need to shutdown nginx first to make it work(tho think they fixed that in newer versions) was something what i dislike too. Plus this is commercial SSL which is better quality.
Nope, nope, no.

I run Plesk and free Let's encrypt, and it renews automatically.
It only failed once; on new domains using the register's DNS instead of mine.
Been running smooth since.

blackmonsters is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 08-17-2022, 01:25 PM   #9
Sly
Let's do some business!
 
Sly's Avatar
 
Industry Role:
Join Date: Sep 2004
Location: Austin, TX
Posts: 31,337
I will pile on.

If we were still messing with SSL certificate renewals manually, I would have no hair left.
__________________
Vacares - Web Hosting, Domains, O365, Security & More - Paxum and BTC Accepted

Windows VPS now available
Great for TSS, Nifty Stats, remote work, virtual assistants, etc.
Click here for more details.
Sly is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 08-17-2022, 07:37 PM   #10
baodb
Confirmed User
 
Industry Role:
Join Date: Jan 2021
Posts: 103
Quote:
Originally Posted by Klen View Post
I know but in order to make it automated you need to run cron and you never know when cron can fail. And also, fact how you need to shutdown nginx first to make it work(tho think they fixed that in newer versions) was something what i dislike too. Plus this is commercial SSL which is better quality.
Honestly I do not think that there is even a way for free domain level certs to have a difference in quality.

Anyway you do not need to shutdown NGINX with something like acme.sh, it can modify the nginx config and reload in place to renew. Alternatively you can use DNS auth which you can even do on a different machine than the production one, also fully automated if your domains are hosted somewhere with DNS API.
baodb is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 08-18-2022, 04:23 AM   #11
bigalownz
Confirmed User
 
bigalownz's Avatar
 
Industry Role:
Join Date: Aug 2005
Location: NEW ZEALAND
Posts: 1,657
try this

https://github.com/acmesh-official/acme.sh

i installed this a few years ago never had any problems
it updates for all of my domains sites etc
__________________
$100 free credit for all hosting needs
bigalownz is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Post New Thread Reply
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >

Bookmarks

Tags
dot, ssl, key, file, certificates, generated, server.csr, step, time, certificate, rsa2048, nodes, server.key, newkey, keyout, openssl, generate, command, restart, nginx, req, newly, generator, pem, server



Advertising inquiries - marketing at gfy dot com

Contact Admin - Advertise - GFY Rules - Top

©2000-, AI Media Network Inc



Powered by vBulletin
Copyright © 2000- Jelsoft Enterprises Limited.