0

In preparation of a (server) transfer of a website, I want to install a SSL certificate for a domain, which is currently not available on the server (The domain is still pointing on the old server). The old server, of course, has installed a SSL certificate, too. The new server is a linux server (Ubuntu 18.04). I want to use certbot with nginx to automatically renew the certificate.

Now I'm asking me, if it makes problems, when the domain still points on the old server with a different certificate. The command I want to use is this one:

sudo certbot --nginx -d example.com -d www.example.com

Maybe a stupid question, so please be patient with me. ;-)

dns_nx
  • 111
  • 5
  • 1
    Why don't you copy the existing certificate to the new server? – Michael Hampton Jul 24 '20 at 13:23
  • I thought it would be easier to directly use an automated certbot instead of installing the old one (I need to extract the cert from a windows server (IIS)). But, if it does not work otherwise, I need to find out, how this can be done. – dns_nx Jul 24 '20 at 13:27
  • 1
    I suppose you could do it via DNS if you use one of the supported DNS providers. – Michael Hampton Jul 24 '20 at 13:45

1 Answers1

1

Michael Hampton gave you good suggestion to use the DNS validation, it's far more reliable than the "/.well-known/acme-challenge/". But if you want to remain on files, you shall exclude the "/.well-known" part in you IIS, give it a directory and place there the generated token manually. It shall do the trick when you're quick, but than you'll probably do the similar trick on your nginx, don't forget on nginx you start with port 80 as you won't have the cert. If you have an option go for DNS validation even when you need to add the DNS record manually or owner of the domain.

Geeky Masters
  • 729
  • 3
  • 8