Skip to main content
Certificates from Let's Encrypt®

Certificates from Let's Encrypt®

If you issue a Let's Encrypt® certificate in the Secret Manager, DNS-01 validation will be performed automatically. Domain DNS records are stored in Servercore's infrastructure, so the service creates a TXT record for certificate issuance on its own. The service will track the expiration date of the certificate and automatically renew it 30 days before the expiration date. If you issue a certificate on your own, you will need to validate the domain and pass a verification process, and then renew the certificate every 60 days.

The certificate is only valid in the project in which it was issued.

To issue a certificate, the domain must have an IP address in the A-record.

Issue a Let's Encrypt® certificate

You can issue a Let's Encrypt® certificate that is valid:

  • only for the main domain or for the main domain and all its subdomains (Wildcard certificate);
  • for the subdomain only. The certificate will not be valid for the main domain.
carefully

Once a Let's Encrypt® certificate is issued, the site, service, or application will not automatically open over HTTPS — you must download the certificate and install it on your web server.

  1. Create a zone for the domain in DNS hosting.

  2. Delegate the domain.

  3. In the Control Panel, on the top menu, click Products and select Secrets Manager.

  4. In the Secrets Manager section, open the Certificates tab.

  5. Click Add Certificate.

  6. Select Certificates from Let's Encrypt®.

  7. Enter the name of the certificate.

  8. Select the domain you delegated to DNS hosting in step 2.

  9. Optional: To add a subdomain to the certificate for the primary domain, click Add Additional Domain.

    Enter the name of the subdomain. To issue a Wildcard certificate, enter a subdomain of the form *.example.com

  10. Click Issue Certificate.

Download a Let's Encrypt® certificate

  1. In the Control Panel, go to Cloud PlatformSecrets Manager.
  2. Open the Certificates tab → Certificate page.
  3. In the Certificate Files block, select the certificate, intermediate certificate chain, root certificate, and private key.
  4. Click Download.

View the status of your Let's Encrypt® certificate

  1. In the Control Panel, go to Cloud PlatformSecrets Manager.

  2. Open the Certificates tab.

  3. Look at the status in the certificate row → Status column.

    ACTIVEThe certificate is valid and ready for use
    CREATINGCertificate issuance and secrecy preservation takes place
    RENEWINGThere are 30 days left until the certificate expiration date, automatic reissuance takes place
    INVALID

    The certificate is invalid for one reason:

    • signed incorrectly;
    • the certificate trust chain is broken (the root certificate could not be verified or the intermediate certificate has expired);
    • it is impossible to verify the certificate signature;
    • DNS-01 failed
    ERRORAn error occurred during certificate issuance. Check that your domain registrar has created NS records pointing to Servercore servers: a.ns.srv.cr, b.ns.servercore.ru, c.ns.servercore.ru, d.ns.servercore.ru. If the problem persists , create a ticket