Certificates from Let's Encrypt®
If you issue a Let's Encrypt® certificate in the Secret Manager, DNS-01 validation will be performed automatically. Domain DNS records are stored in Selectel's infrastructure, so the service creates a TXT record for certificate issuance on its own. The service will track the expiration date of the certificate and automatically renew it 30 days before the expiration date. If you issue a certificate on your own, you will need to validate your domain and pass a verification process, and then renew the certificate every 60 days.
The certificate is valid only if project in which it was released.
Issue a Let's Encrypt® certificate
You can issue a Let's Encrypt® certificate that is valid:
- only for the main domain or for the main domain and all its subdomains (Wildcard certificate);
- for the subdomain only. The certificate will not be valid for the main domain.
After a Let's Encrypt® certificate is issued, the site, service or application will not automatically open over HTTPS — you need to download certificate and install it on your web server.
For the main domain and subdomains
Subdomain only
-
Create an area for the domain in DNS hosting.
-
In control panel go to Cloud platform → The manager of secrets.
-
Open the tab Certificates.
-
Click Add a certificate.
-
Select Certificates from Let's Encrypt®.
-
Enter the name of the certificate.
-
Select the domain you delegated to DNS hosting in step 2.
-
Optional: to add a subdomain to the certificate for the main domain, click Add an additional domain.
Enter the name of the subdomain. To issue a Wildcard certificate, enter a subdomain of the form
*.example.com
-
Click Issue a certificate.
- Create an area for a subdomain in DNS hosting.
- Delegate a subdomain.
- In control panel go to Cloud platform → The manager of secrets.
- Open the tab Certificates.
- Click Add a certificate.
- Select Certificates from Let's Encrypt®.
- Enter the name of the certificate.
- Select the subdomain that you delegated to DNS hosting in step 2.
- Click Issue a certificate.
Download a Let's Encrypt® certificate
- In control panel go to Cloud platform → The manager of secrets.
- Open the tab Certificates → certificate page.
- In the block Certificate files Select a certificate, intermediate certificate chain, root certificate, and private key.
- Click Download.
View the status of your Let's Encrypt® certificate
-
In control panel go to Cloud platform → The manager of secrets.
-
Open the tab Certificates.
-
Look at the status in the certificate row → column Status.