Working with Let's Encrypt certificates
Let’s Encrypt is a global Certificate Authority (CA). This organization is a non-profit and does not charge fees for their certificates. Each certificate is valid for 90 days. RAS Console allows you to issue, automatically renew and revoke Let's Encrypt certificates.
Issuing a Let's Encrypt certificate
To issue a new Let’s Encrypt certificate:
- Navigate to Infrastructure > Certificates.
- Click the ellipsis menu ( the [...] icon) and choose Let's Encrypt Settings.
- Select the I have read and accept Let's Encrypt EULA option.
- In the Expiration emails field list specify the email addresses that will receive notifications from Let’s Encrypt.
- Optionally, change the time when certificates are renewed automatically in the Automatically renew certificates before expiration field.
- Navigate back to Infrastructure > Certificates.
- Choose Add > Issue Let's Encrypt certificate from the [...] menu and specify the following options:
- Name: Name of the certificate.
- Description: Description of the certificate.
- Usage: HALB and/or Secure Gateway.
- Key size: Key size.
- Country code: Code of your country.
- Full state or province: Name of your state or province.
- City: Your city.
- Organization: Name of your organization.
- Organization unit: Name of your organization unit.
- E-mail: Email address of your organization.
- Common name: Valid domain name of a HALB or Secure Gateway.
- Alternative names: Valid domain names of HALBs or Secure Gateways.
- Click Issue certificate.
Renewing a Let’s Encrypt certificate manually
To manually renew a Let’s Encrypt certificate:
- Navigate to Infrastructure > Certificates.
- Select the certificate that you want to renew.
- Select Control > Renew from the [...] menu.
Revoking a Let’s Encrypt certificate
To revoke a Let’s Encrypt certificate:
- Navigate to Infrastructure > Certificates.
- Select the certificate that you want to renew.
- Select Control > Revoke from the [...] menu.