Using Let's Encrypt to Sign a Certificate

First of all, a private key is needed before generating a certificate signing request (CSR). Either use openssl:

openssl genrsa -out ~/domain.com.ssl/domain.com.key 2048
openssl req -new -sha256 -key ~/domain.com.ssl/domain.com.key -out ~/domain.com.ssl/domain.com.csr

or use Azure Key Vault, especially if you want to store the certificate in Azure:

  1. From Key Vault, go to SETTINGS->Certificates->Generate/Import and set "Type of Certificate Authority (CA)" to "Certificate issued by a non-integrated CA".
  2. Click the key created just now and choose "Certificate Operation"->"Download CSR" to download the CSR as domain.com.csr.

Now we are going to sign the certificate using certbot. Here are the steps:
sudo -i
add-apt-repository ppa:certbot/certbot
apt-get update
apt-get install certbot
ufw allow 80
ufw allow 443
certbot certonly --standalone --register-unsafely-without-email --csr <your_key_csr>.csr

If Azure Key Vault is being used, we then need to use "Merge Signed Request" to merge the signed certificate.
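A sanity check to run before submitting the CSR and before merging the result, as an added example that is not part of the original post: it confirms the CSR's self-signature, that the CSR was built from the local key (openssl path only, since a Key Vault key stays in the vault), and that the returned certificate carries the CSR's public key and covers the hostname. The helper names, the file name issued.pem and the self-signed stand-in certificate are assumptions made so the script runs offline.

```shell
#!/bin/sh
# Added example, not from the original post. File names and the self-signed
# stand-in certificate are constructed so the checks run offline.

# Print the public key (PEM) carried by a private key, a CSR or a certificate.
pub_from_key()  { openssl pkey -in "$1" -pubout 2>/dev/null; }
pub_from_csr()  { openssl req  -in "$1" -noout -pubkey 2>/dev/null; }
pub_from_cert() { openssl x509 -in "$1" -noout -pubkey 2>/dev/null; }

# csr_ok CSR [KEY]: the CSR self-signature verifies and, if a local key is given
# (openssl path; a Key Vault key stays in the vault), the CSR was built from it.
csr_ok() {
    openssl req -in "$1" -noout -verify 2>&1 | grep -q "verify OK" || return 1
    [ -z "$2" ] && return 0
    p=$(pub_from_csr "$1")
    [ -n "$p" ] && [ "$p" = "$(pub_from_key "$2")" ]
}

# cert_ok CERT CSR HOST: the certificate carries the CSR's public key and is
# valid for HOST, so it is the answer to the request that was actually sent.
cert_ok() {
    p=$(pub_from_cert "$1")
    [ -n "$p" ] && [ "$p" = "$(pub_from_csr "$2")" ] || return 1
    openssl x509 -in "$1" -noout -checkhost "$3" | grep -q "does match"
}

# make_constructed DIR: throwaway key and CSR as in the openssl step above, plus
# a self-signed stand-in (issued.pem) for the certificate certbot would return.
make_constructed() {
    openssl genrsa -out "$1/domain.com.key" 2048 2>/dev/null &&
    openssl req -new -sha256 -key "$1/domain.com.key" -subj "/CN=domain.com" \
        -addext "subjectAltName=DNS:domain.com" -out "$1/domain.com.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/domain.com.csr" -signkey "$1/domain.com.key" \
        -days 1 -out "$1/issued.pem" 2>/dev/null
}

# Demo run on constructed inputs in a temporary directory.
d=$(mktemp -d) && make_constructed "$d" &&
    csr_ok "$d/domain.com.csr" "$d/domain.com.key" &&
    cert_ok "$d/issued.pem" "$d/domain.com.csr" domain.com &&
    echo "CSR, key and certificate are consistent"
rm -rf "$d"
```

For a CSR downloaded from Key Vault, call csr_ok with the CSR alone and cert_ok with the certificate certbot wrote, since there is no local key file to compare against.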

