Let's Encrypt/en

Revi HQ

Obtain LE cert with DNS authentication

sudo certbot certonly --manual --preferred-challenges dns -d $domain -d $domain2 -d $domain3

Source

Revoke LE cert issued by hosting services without private key

  1. Download cert file to revoke via H:TLS#Certificate Transparency.
  2. Try to get a cert for the domain you want to revoke, and the domain you do not control.
    $ sudo certbot certonly --manual --preferred-challenges dns -d $mydomain.tld -d example.com
    
  3. mydomain.tld verification will succeed and example.com verification will fail. Now revoke the cert we originally intended to revoke via certbot revoke.
    $ sudo certbot revoke --cert-path=/path/to/cert
    
  4. Verify that the certificate has been revoked via Certificate Transparency websites.
다른 언어: