On Wed, Jun 11, 2025 at 05:01:33PM +0800, Y Peng wrote: > Hello, > > We have a Debian server that can connect to the internet in the test > environment. We installed a free Let's Encrypt SSL certificate while > connected to the internet. However, after deploying this server to the > production environment, it is subject to strict network isolation and cannot > access the internet. Will the Let's Encrypt certificate remain valid for a > long time if it cannot access the internet? The validity time period of a certificate is baked in (i.e. it doesn't depend on whether the server is "isolated" or similar. In the case of LetsEncrypt, they are valid for 90 days [1]. They are designed to be refreshed regularly. That said, I don't quite understand what you are trying to do. Why does your "server" need a (publicly endorsed) certificate if it is not "connected" to the internet? My take is: either it needs the certificate, then it can be reached from the outside via https, then it is "connected" -- or it is not "connected", then it doesn't need a TLS certificate in the first place. So I must be missing something. Cheers -- t
Attachment:
signature.asc
Description: PGP signature