mirror of https://github.com/certbot/certbot.git synced 2026-01-26 07:41:33 +03:00
certbot/docs/what.rst
Peter Conrad df8b374916 Adding 'What Is a Certificate' section
- adding what.rst to index.rst

- Bigger link to instruction generator in intro.rst, some edits to what.rst in response to comments on What is a Certificate? section first draft #4370

- Responding to St_Ranger's comment on 4370

- Edits to using.rst related to --expand

- Initial edit pass through challenges.rst

- Edits to what.rst and challenges.rst to resolve #3664 and #4153

- Incorporating feedback from #4370

- Finally going after those last few comments before the restructuring of the plugin stuff (coming soon)

- Fixing --expand example in using.rst and adding to Apache/NGINX bullet in challenges.rst
2017-07-20 11:14:08 -07:00

1.7 KiB

What is a Certificate?

A public key certificate or digital certificate (formerly called an SSL certificate) uses a public key and a private key to enable secure communication between a client program (web browser, email client, etc.) and a server over an encrypted SSL (Secure Sockets Layer) or TLS (Transport Layer Security) connection. The certificate is used both to encrypt the initial stage of communication (secure key exchange) and to identify the server. The certificate includes information about the key, information about the server identity, and the digital signature of the certificate issuer. If the issuer is trusted by the software that initiates the communication, and the signature is valid, then the key can be used to communicate securely with the server identified by the certificate. Using a certificate is a good way to prevent "man-in-the-middle" attacks, in which someone in between you and the server you think you are talking to is able to insert their own (harmful) content.

You can use Certbot to easily obtain and configure a free certificate from Let's Encrypt, a joint project of EFF, Mozilla, and many other sponsors.

Certificates and Lineages

Certbot introduces the concept of a lineage, which is a collection of all the versions of a certificate plus Certbot configuration information maintained for that certificate from renewal to renewal. Whenever you renew a certificate, Certbot keeps the same configuration unless you explicitly change it, for example by adding or removing domains. If you add domains, you can either add them to an existing lineage or create a new one.

See also: updating_certs
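
An added example, not part of the Certbot documentation or code: a Python audit of one lineage, assuming Certbot's standard on-disk layout (`archive/<name>/` holding numbered `cert`, `privkey`, `chain` and `fullchain` files, `live/<name>/` symlinks to the newest version, and `renewal/<name>.conf`). The tree is constructed in a temporary directory with placeholder files, and `build_sample` and `audit_lineage` are hypothetical helper names.

```python
import os
import re
import tempfile
from pathlib import Path

KINDS = ("cert", "privkey", "chain", "fullchain")
VERSIONED = re.compile(r"^(cert|privkey|chain|fullchain)(\d+)\.pem$")

def build_sample(root, name="example.com", renewals=3):
    """Create a constructed lineage tree with placeholder files (no real keys)."""
    root = Path(root)
    archive, live = root / "archive" / name, root / "live" / name
    for d in (archive, live, root / "renewal"):
        d.mkdir(parents=True)
    (root / "renewal" / f"{name}.conf").write_text("# constructed placeholder\n")
    for n in range(1, renewals + 1):
        for kind in KINDS:
            f = archive / f"{kind}{n}.pem"
            f.write_text("constructed placeholder, not real PEM data\n")
            f.chmod(0o600 if kind == "privkey" else 0o644)
    for kind in KINDS:  # live/ links point at the newest version
        (live / f"{kind}.pem").symlink_to(f"../../archive/{name}/{kind}{renewals}.pem")
    return root

def audit_lineage(config_dir, name):
    """Return (sorted version numbers, list of findings) for one lineage."""
    root = Path(config_dir)
    archive = root / "archive" / name
    versions = set()
    for f in archive.iterdir():
        m = VERSIONED.match(f.name)
        if m:
            versions.add(int(m.group(2)))
    latest = max(versions, default=None)
    findings = []
    if not (root / "renewal" / f"{name}.conf").is_file():
        findings.append("renewal config missing")
    for kind in KINDS:
        link = root / "live" / name / f"{kind}.pem"
        m = VERSIONED.match(Path(os.readlink(link)).name) if link.is_symlink() else None
        if m is None or int(m.group(2)) != latest:
            findings.append(f"{kind}.pem: not linked to version {latest}")
    for f in sorted(archive.glob("privkey*.pem")):
        if f.stat().st_mode & 0o077:  # any group/other permission bit set
            findings.append(f"{f.name}: accessible by group or other")
    return sorted(versions), findings

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(audit_lineage(build_sample(tmp), "example.com"))
```

Old versions stay in `archive/` after each renewal, so every superseded private key needs the same file permissions as the current one.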