change certificate of authority / cert for domain

January 22, 2016 389 views
Security Apache Ubuntu

i have free cet from StartSSL for my domain--it worked, but was clumsy procedure with them.

I want use one new one generated from Let’s Encrypt

If you’re running Apache on a recent Debian-based OS, you can try the Apache plugin, which automates both obtaining and installing certs:
./letsencrypt-auto --apache

I want to try it.

Do I have to do a Revocation of cert or something with StartSSL, if so any tips on how.

1 Answer

When changing certificates, you do not normally need to revoke the certificate. Normally you can just let it expire. Since Apache (and Nginx) let you declare which certificate file to use, you should be able to just change over to the new one and start using it.

That said, it is always a good practice to revoke a certificate that is no longer in use. I do know startSSL has a fee to do so, so you would want to contact them for that procedure. You might also want to contact startSSL just to make sure this complies with any rules or policies they might have though. We are not fully familiar with how they conduct they business, so it would best to confirm it with them.

Hope it helps,
Jason Colyer
DigitalOcean Platform Support Lead

  • Yup: helps thanks

    Contacted startSSL, oddly both my cert and account had expired.
    My server and droplet are for learning.
    I like that Let’s Encrypt is an open source project!

Have another answer? Share your knowledge.