Creating TLS certificates providing a CSR with Dehydrated

ssl-certificate csr

Solution 1:

Why did you create a CSR when it sounds like you've been letting dehydrated do it for you successfully already?

Regardless, the Usage section on the project's Github page talks about a --signcsr option in the commands list. I don't actually know much about dehydrated, but I'd probably start there if you really need to use your own CSR.

P.S. Force creating a new certificate every month is not generally the recommended approach for an ACME client. Your cron job should be running once or twice a day (at ideally randomized times or at least not on a specific hour interval) and the client will automatically determine when to renew based on the expiration of the cert which is typically about 30 days prior to its expiration. This ends up giving you about 60 days of use on a 90 day cert before it's replaced. Because it's running daily, a failed renewal will simply try again the next day. If it continues to fail, Let's Encrypt will start sending you expiration warnings at about 20 days prior to your cert expiring.

Related

What additional role should I provision in an Azure resource group so that a contributor can see/accept/fix Azure SQL security recomendations?
firewalld configuration to make EC2 Amazon Linux 2 a NAT
VNC proxy-jump, possibly with ssh
How to save ssh-keyscan result with the port to .ssh/known_hosts
PHP session handler using redis not work
Rsync copies all files with executable permission
Network Policy Server error message 'Negotiation failed. No available EAP methods'
Why does youtube/chrome randomly resume play on paused video?
How to convert HTML into endless one-page PDF via wkhtmltopdf?
How to add a shortcut in OneNote 2013
Import/export or retrieve Thunderbird tags from IMAP server
How to prevent "source" in a bash script from passing the script's arguments?