Let's Encrypt/en
Revi HQ
- Return to 핸드북:기술/en
Obtain LE cert with DNS authentication
sudo certbot certonly --manual --preferred-challenges dns -d $domain -d $domain2 -d $domain3
Revoke LE cert issued by hosting services without private key
- Download cert file to revoke via H:TLS#Certificate Transparency.
- Try to get a cert for the domain you want to revoke, and the domain you do not control.
$ sudo certbot certonly --manual --preferred-challenges dns -d $mydomain.tld -d example.com
- mydomain.tld verification will succeed and example.com verification will fail. Now revoke the cert we originally intended to revoke via
certbot revoke
.$ sudo certbot revoke --cert-path=/path/to/cert
- Verify that the certificate has been revoked via Certificate Transparency websites.