Question

change certificate of authority / cert for domain

Posted January 22, 2016 1.4k views
Ubuntu Apache Security

i have free cet from StartSSL for my domain–it worked, but was clumsy procedure with them.

I want use one new one generated from Let’s Encrypt

Why?
If you’re running Apache on a recent Debian-based OS, you can try the Apache plugin, which automates both obtaining and installing certs:
./letsencrypt-auto –apache

I want to try it.

Do I have to do a Revocation of cert or something with StartSSL, if so any tips on how.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

1 answer

When changing certificates, you do not normally need to revoke the certificate. Normally you can just let it expire. Since Apache (and Nginx) let you declare which certificate file to use, you should be able to just change over to the new one and start using it.

That said, it is always a good practice to revoke a certificate that is no longer in use. I do know startSSL has a fee to do so, so you would want to contact them for that procedure. You might also want to contact startSSL just to make sure this complies with any rules or policies they might have though. We are not fully familiar with how they conduct they business, so it would best to confirm it with them.

Hope it helps,
Jason Colyer
DigitalOcean Platform Support Lead

  • Yup: helps thanks

    Contacted startSSL, oddly both my cert and account had expired.
    My server and droplet are for learning.
    I like that Let’s Encrypt is an open source project!

Submit an Answer