Can this be used to generate a certificate for my website that is on a hosted server? I used to use zerossl to generate the certificate and then converted it to pfx.
If the hosted server is Windows with RDP, then sure. If it is not, then there are hopefully better solutions that work more natively.
Yes, so the answer is ‘probably’! It depends what you normally have to do to get the certificate working. Do you normally have to upload the certificate onto a hosting control panel website?
If so, you can use v5 of certify to generate a certificate (you can use the Deployment Mode ‘none’, add a Certificate Export deployment task and get it to save the file to a standard location, so it always has the same name and is always in the same location. Then you need to manually upload that certificate on a regular basis (for instance a week before the cert expires).
Note that with v5 you can also choose to use BuyPass Go for your certificates, and they last 180 days (Let’s Encrypt is 90 days), which is more convenient if you are doing a manual step.
As @jljtgr says, if instead you have remote access to the server (and it’s Windows), you can just install the app there and use it normally.
If you have SSH access you can use the Generic Server (or Apache, nginx) deployment task to automatically SSH on and update the certificate.
So, it just depends what the configuration is as to how you would use it.
Thanks. The remote host uses IIS. I don’t have access via RDP so I don’t think I can install remote software.
I set deployment mode as “no deployment” and set a deployment task as as “Export Certificate”
However, when I add my domain, and click test, I get: “Querying the state of IIS failed. This is usually because IIS is not installed or is not fully configured.” I don’t have IIS local, only on the remote hosted site, so I am not sure if I am missing a setting, any additional help would be appreciated. Thanks.
I think you might need to explain exactly what you do have access to. I’m unfamiliar with how to give IIS a certificate if you don’t have direct access to the server.
For Certify to create a certificate, it has to prove ownership of the domain in a (hopefully) automated fashion. It sounds like your local machine is unrelated to the domain, so
http-01 validation may not work. You may have to use
dns-01 validation where you add a custom TXT record to your domain’s DNS. How to do this depends on what your DNS provider is.
Yes as @jljtgr says, you will need to use DNS validation (sounds like you may want to start with the Manual DNS option, where you manually create the DNS TXT record each time you need to validate).
You currently have ‘Challenge Type’ under ‘Authorization’ set to
http-01, change it to
(Update DNS Manually) from the DNS Update method list (or use acme-dns). Then when you hit Request Certificate you will get instructions on the DNS record to add/update for your domain (see the Status tab after your request completes), then once you have made the changes required you can click Request Certificate again to resume the request.
You should probably also consider using BuyPass Go as previously mentioned. To do so, create a BuyPass Go account under Settings > Certificate Authorities, then under Certificate > Certificate Authority, select BuyPass Go. That way your certificate will be 180 days, rather than Let’s Encrypts 90 days, which is important because you are performing manual work and you don’t want to do it too frequently.
You mention that you don’t have RDP access so I’m assuming you currently upload the certificate to a control panel.
An alternative to all of this is to use Cloudflare (free) for your DNS hosting, with DNS proxy enabled. That way cloudflare generate and use a certificate for you, so you don’t strictly need one on the server (just use http). It depends if you care about encryption between Cloudflare and your server or not.
Thank you for all the help. Ultimately, I ending up using certbot to generate the certificate and do the challenges by ftping the files to the server.
I wanted to like this tool but just couldn’t get it to work.
Thanks, that’s totally fine,glad you got your certificate working. Did you hit a particular problem or error with Certify? Was there something confusing in the user interface that wasn’t explained in the docs (https://docs.certifytheweb.com/docs/certificate-process)?