One question, how you get the replay-nonce for POST /acme/new-authz?
On Mon, Feb 15, 2016 at 12:26 PM, Daniel Roesler <diafygi@xxxxxxxxx> wrote:
For acme-tiny, we just run the same procedure as getting a new
certificate. You can even use the same CSR as before.
POST /acme/new-authz (request new challenges for the domain)
POST /path/to/challenge (notify of challenges met)
GET /path/to/challenge (wait for the challenge to turn valid)
...repeat as needed for multiple domains
POST /acme/new-cert (get a signed cert)
On Mon, Feb 15, 2016 at 7:00 AM, Kaiduan Xie <kaiduanx@xxxxxxxxx> wrote:
What is the protocol/procedure used under the hood to renew a Letsencrypt
certificate? I obtained an Letsencrypt certificate on Dec of 2015 with my
own client (not the Python client provided by Letsencrypt), the
Now the following informations are available after obtaining a
1. Account RSA key pair
2. RSA key pair for Letsencrypt issued certificate
3. CSR for Letsencrypt issued certificate
4. Letsencrypt issued certificate
5. URL for Letsencrypt issued certificate
6. Domain name
Can someone elaborate the renew protocol in details? How the above
informations are used to renew a certificate?
Thanks a lot for the help,
You received this message because you are subscribed to the Google Groups
"Let's Encrypt Client Development" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to client-dev+unsubscribe@xxxxxxxxxxxxxxx.
To post to this group, send email to client-dev@xxxxxxxxxxxxxxx.
To view this discussion on the web visit