So what we have is an invalid let's encrypt certificate, when we try to renew it, public key changes. Is there a way to preserve the old public key? Our clients have it implemented for SSL pinning purposes.
certbot certificates
shows:
Certificate Name: domain.com-0001
Domains: domain.com api.domain.com beta-api.domain.com beta.domain.com demo.domain.com
Expiry Date: 2018-04-16 11:58:34+00:00 (INVALID: EXPIRED, REVOKED)
Certificate Path: /etc/letsencrypt/live/domain.com-0001/fullchain.pem
Private Key Path: /etc/letsencrypt/live/domain.com-0001/privkey.pem
Renewal actually works, but it generates a new SHA256. Is it possible to preserve the old one? Please help, thanks!