In addition to the verification done by Brad, I also went through a manual interactive run of requesting a certificate, fake renewing it, and revoking it.
Using python3-acme from proposed:
*** 0.31.0-2~ubuntu19.04.1 500
500 http://us.archive.ubuntu.com/ubuntu disco-proposed/universe amd64 Packages
root@disco-acme-sru-1836823:~# certbot run
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
...
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for certbot-test2.justgohome.co.uk
Enabled Apache rewrite module
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/apache2/sites-available/000-default-le-ssl.conf
Enabled Apache socache_shmcb module
Enabled Apache ssl module
Deploying Certificate to VirtualHost /etc/apache2/sites-available/000-default-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/000-default-le-ssl.conf
...
Congratulations! You have successfully enabled https://certbot-test2.justgohome.co.uk
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/certbot-test2.justgohome.co.uk/fullchain.pem (success)
** DRY RUN: simulating 'certbot renew' close to cert expiry
...
Disco verification
In addition to the verification done by Brad, I also went through a manual interactive run of requesting a certificate, fake renewing it, and revoking it.
Using python3-acme from proposed: 2~ubuntu19. 04.1 500 us.archive. ubuntu. com/ubuntu disco-proposed/ universe amd64 Packages
*** 0.31.0-
500 http://
root@disco- acme-sru- 1836823: ~# certbot run letsencrypt/ letsencrypt. log test2.justgohom e.co.uk sites-available /000-default- le-ssl. conf sites-available /000-default- le-ssl. conf sites-available /000-default- le-ssl. conf /certbot- test2.justgohom e.co.uk
Saving debug log to /var/log/
Plugins selected: Authenticator apache, Installer apache
...
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for certbot-
Enabled Apache rewrite module
Waiting for verification...
Cleaning up challenges
Created an SSL vhost at /etc/apache2/
Enabled Apache socache_shmcb module
Enabled Apache ssl module
Deploying Certificate to VirtualHost /etc/apache2/
Enabling available site: /etc/apache2/
...
Congratulations! You have successfully enabled
https:/
Fake renewal: acme-sru- 1836823: ~# certbot --dry-run renew letsencrypt/ letsencrypt. log
root@disco-
Saving debug log to /var/log/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - t/renewal/ certbot- test2.justgohom e.co.uk. conf test2.justgohom e.co.uk
Processing /etc/letsencryp
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for certbot-
Enabled Apache rewrite module
Waiting for verification...
Cleaning up challenges
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - t/live/ certbot- test2.justgohom e.co.uk/ fullchain. pem
new certificate deployed with reload of apache server; fullchain is
/etc/letsencryp
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
Congratulations, all renewals succeeded. The following certs have been renewed: letsencrypt/ live/certbot- test2.justgohom e.co.uk/ fullchain. pem (success)
/etc/
** DRY RUN: simulating 'certbot renew' close to cert expiry
...
Revoking: acme-sru- 1836823: ~# certbot revoke --cert-path /etc/letsencryp t/live/ certbot- test2.justgohom e.co.uk/ fullchain. pem letsencrypt/ letsencrypt. log
root@disco-
Saving debug log to /var/log/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you like to delete the cert(s) you just revoked, along with all earlier
and later versions of the cert?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es (recommended)/(N)o: y
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - test2.justgohom e.co.uk.
Deleted all files relating to certificate certbot-
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - t/live/ certbot- test2.justgohom e.co.uk/ fullchain. pem
Congratulations! You have successfully revoked the certificate that was located
at /etc/letsencryp
Disco verification succeeded.