Level 75
Have you checked with host, most host allow ssh. I use putty on Windows, but there are others. Just suggestion.
Sep 4, 2021
5
Level 63
Let's encrypt => is it possible to generate a certificate without beeing on the server ?
Hello,
This is a question with no report with Laravel, so if my question disturbs, no worry, I understand. ;)
A client has recently bought a website on a dedicated server and has no SSH access key (I don't know if he has lost it or if the latter owner don't have let it to him, that's not the question). He has only an FTP access.
The SSL certificate is declared in files in a folder of the website. So I can change the values in the files (FTP).
The problem is that it would have been better to access to the server by SSH and use a letsencrypt command to generate a new certificate.
On all docs it is writtent that it is necessary to be on the server to generate a new SSL certificate, but for example sslforfree proposes to generate the SSL certificate without beeing directly on the server and has some way to guarantee the authentication with the domain and other parameters. But this service is not free.
So here is my question : is it possible to generate an SSL certificate with letsencrypt without beeing on the web server ?
Thanks for your help.
Vincent
Level 63
It's a dedicated server and the host only initiate the SSH connexion for the first use, then the owner modifies the rights as he wants / needs. That's the reason why I'm looking for a way to generate the certificate without being on the server, so that I could paste the keys in the correct files.
Level 63
I just found a way to do this : letsencrypt allow to generate a certificate manually using this command.
certbot certonly --manual
Then I just have to paste a file on the website root so that the certbot is able to check what it has to check.
Level 9
Another way would be to use DNS validation, assuming the DNS provider has an API. I believe the official certbot client does support DNS validation, otherwise you could also use this client (I personally use) https://github.com/acmesh-official/acme.sh
Level 63
Ok thank you ;) ... For the moment I have to wait because the new owner of the website don't find the credentials to access to the server in SSH ... he has only an FTP access (given by the previous owner) but the files with the SSL infos are in 400 mode so it is impossible to update them without accessing directly to the server.
Please or to participate in this conversation.