starred/dehydrated
1
0
Fork 0
mirror of https://github.com/dehydrated-io/dehydrated.git synced 2026-01-13 15:13:33 +01:00
Code Issues 79 Packages Projects Releases 10 Wiki Activity

dehydrated will not replace staging CA certs with real certs, after staging CA removed from config #365

New Issue
Closed
opened 2025-12-29 01:23:44 +01:00 by adam · 1 comment
adam commented 2025-12-29 01:23:44 +01:00
Owner
Copy Link

Originally created by @dave559 on GitHub (Jul 27, 2018).

As part of the (scripted) process of setting up my webserver, I try to request LE certs using the staging CA, and only then try to request certs with the live CA if this is successful (in order to try to prevent any configuration mistakes from triggering rate limits).

I am using dehydrated 0.3.1 (as that's what comes with my distro) and therefore ACME v1.

Once I have my dehydrated configuration setup, I run dehydrated -c, and then once again after I have commented out the staging CA.

However, dehydrated seems to think that my existing cert has not yet expired and so does not renew it.

What would I need to do in order to let dehydrated know that I do genuinely need to request a new cert in this situation?

Thanks for any advice.

Originally created by @dave559 on GitHub (Jul 27, 2018). As part of the (scripted) process of setting up my webserver, I try to request LE certs using the staging CA, and only then try to request certs with the live CA if this is successful (in order to try to prevent any configuration mistakes from triggering rate limits). I am using dehydrated 0.3.1 (as that's what comes with my distro) and therefore ACME v1. Once I have my dehydrated configuration setup, I run `dehydrated -c`, and then once again after I have commented out the staging CA. However, dehydrated seems to think that my existing cert has not yet expired and so does not renew it. What would I need to do in order to let dehydrated know that I do genuinely need to request a new cert in this situation? Thanks for any advice.
adam closed this issue 2025-12-29 01:23:44 +01:00
adam commented 2025-12-29 01:23:44 +01:00
Author
Owner
Copy Link

@lukas2511 commented on GitHub (Jul 27, 2018):

Dehydrated doesn't refresh your certificate because from its view it's a completely valid certificate.
You can use --force to force dehydrated to refresh all certificates.

@lukas2511 commented on GitHub (Jul 27, 2018): Dehydrated doesn't refresh your certificate because from its view it's a completely valid certificate. You can use `--force` to force dehydrated to refresh all certificates.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Complicated
bug
enhancement
help wanted
pull-request
Mirrored from GitHub Pull Request
 suggestions wanted
testing
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/dehydrated#365
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?