Skip to main content

Certbot: Renew, reissue, or duplicate certificate using ACME URL query parameters

When an ACME client request for certificate automation is placed, DigiCert​​®​​ Trust Lifecycle Manager searches for existing certificate orders and applies its default lifecycle action.

To perform a specific automation action, explicitly instruct Trust Lifecycle Manager by including the action type and order ID as ACME URL query parameters.

Note on automated actions

Trust Lifecycle Manager automatically renews and reissues certificates for existing orders when applicable. See ACME automation actions.

To duplicate an existing certificate, the profile must allow it, and you must include the action and order ID in the ACME URL.

Base versus region-specific ACME URL

For hosted Trust Lifecycle Manager accounts, use the region-specific URL (See Inbound IP addresses and URLs by environment and region).

Base URL:https://one.digicert.com/mpki/api/v1/acme/v2/directory>.

Region-specific URLs:

EU region:https://one.nl.digicert.com orhttps://one.ch.digicert.com
Japan region:https://one.digicert.co.jp
US region:https://one.us.digicert.com

Renew certificate

This section demonstrates how to use the action=renew query parameter with the corresponding ACME URL and complete the Certbot command.

Element

Example

ACME URL Query Parameter

?action=renew&orderId=555123456

Full ACME URL

https://one.digicert.com/mpki/api/v1/acme/v2/directory?action=renew&orderId=555123456

Certbot Command Example

sudo certbot --apache ... --server https://one.digicert.com/mpki/api/v1/acme/v2/directory?action=renew&orderId=555123456 ... -d example.com -d www.example.com --preferred-challenges http

Reissue certificate

This section demonstrates how to use the action=reissue query parameter with the corresponding ACME URL and complete the Certbot command.

Element

Example

ACME URL Query Parameter

?action=renew&orderId=555123456

Full ACME URL

https://one.digicert.com/mpki/api/v1/acme/v2/directory?action=renew&orderId=555123456

Certbot Command Example

sudo certbot --apache ... --server https://one.digicert.com/mpki/api/v1/acme/v2/directory?action=renew&orderId=555123456 ... -d example.com -d www.example.com --preferred-challenges http

Duplicate certificate

This section demonstrates how to use the action=duplicate query parameter with the corresponding ACME URL and complete the Certbot command.

Element

Example

ACME URL Query Parameter

?action=renew&orderId=555123456

Full ACME URL

https://one.digicert.com/mpki/api/v1/acme/v2/directory?action=renew&orderId=555123456

Certbot Command Example

sudo certbot --apache ... --server https://one.digicert.com/mpki/api/v1/acme/v2/directory?action=renew&orderId=555123456 ... -d example.com -d www.example.com --preferred-challenges http
In this section: