Letsencrypt generated files on windows – What is what?

0

Issue

I used this blog to get a Letsencrypt certificate for an apache2 server on windows via letsencrypt-win-simple’s manual mode. The tool reports success and all files were generated, however, I can’t find any documentation on what is what. My apache2 has a temporary self-signed certificate installed with a self-generated private key. I assume the tool created an entirely new private key and certificate signing request and did not use the existing private key to verify my certificate? Sorry for my confusion, but I just found explanations that show how confusing and flexible the formats can be used.

The tool generated the following (- my assumption what the file is):

  • myurl.com-key.pem – Private key generated to encrypt the certificate signing request (csr) with?
  • myurl.com-csr.pem – The unsigned csr file?
  • myurl.com-gen-csr.json – Signed csr file in json to send to the CA?
  • myurl.com-gen-key.json – Public key to send to the CA?
  • myurl.com-crt.pem – My certificate?
  • myurl.com-crt.der – This file is encrypted, but why and what’s the difference to myurl.com-crt.pem?
  • myurl.com-chain.pem – The chain of CAs used to create the certificate?
  • myurl.com-all.pfx – An encrypted file containing everything? Do I need to generate the files for my apache2 from this via openssl or can I use the others?
  • ca-CRYPTICODE-crt.pem – Another certificate? Or is this the final result? But what is myurl.com-crt.pem then?
  • ca-CRYPTICODE-crt.der – Another certificate?
  • Registration – Probably used for the registration process and not required anymore?
  • Signer – Probably used for the registration process and not required anymore?

Which files do I need to configure my apache2 with? Which files are private and never shared with anyone?

Solution

myurl.com-crt.pem – this is the SSLCertificateFile
myurl.com-key.pem – this is the SSLCertificateKeyFile
ca-CRYPTICODE-crt.pem – this is the SSLCertificateChainFile
These 3 files you should specify in apache virtual host configuration.

Answered By – Elvis Plesky

This Answer collected from stackoverflow, is licensed under cc by-sa 2.5 , cc by-sa 3.0 and cc by-sa 4.0

Leave A Reply

Your email address will not be published.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More