Difference between revisions of "Certbot"
Jump to navigation
Jump to search
↑ https://certbot.eff.org/docs/intro.html
↑ https://certbot.eff.org/docs/using.html#changing-a-certificate-s-domains
| Line 56: | Line 56: | ||
* {{DNS}} | * {{DNS}} | ||
| − | [[Category:IT | + | [[Category:IT Security]] |
Revision as of 17:50, 27 December 2019
certbot[1] is a fully-featured, extensible client for the Let’s Encrypt CA (or any other CA that speaks the ACME protocol defined in 2015-2016) that can automate the tasks of obtaining certificates and configuring webservers to use them. This client runs on Unix-based operating systems.
- Binaries:
certbotandletscrypt - Renewals configuration:
/etc/cron.d/certbot
Examples
To request a certificate:
certbot certonly --standalone --preferred-challenges http -d YOUR_DOMAIN_NAME.com
- ssl_certificate /etc/letsencrypt/live/www.example.com/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/www.example.com/privkey.pem;
certonly --standalone
certbot --nginx Saving debug log to /var/log/letsencrypt/letsencrypt.log The requested nginx plugin does not appear to be installed
certbot certificates Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - No certs found. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
certbot renew Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - No renewals were attempted. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- Changing a Certificdate's Domain[2]:
certbot certonly --cert-name example.com -d example.org,www.example.org - Automated renewals:
systemctl list-timers
Activities
See also
- HTTP, HTTP client, HTTP/1.1, HTTP/2, HTTP/3, HTTPS, HSTS CSR, TLS, SSL,
openSSL, WebSockets, WebRTC,ssl_certificateQUIC, HPKP, CT, List of HTTP status codes, URL redirection, Content-type:, Webhook, HTTP headers,--insecure, Axios HTTP client, HTTP cookies, HTTP ETag, Hypertext Transfer Protocol -- HTTP/1.1 - DNS: Linux DNS, IP,
systemd-resolve,/etc/hosts,whois, Domain registrar,dig,host,nslookup,scutil --dnsdnsmasq,bind,delv,.local,.internal, .onion, FQDN, TTL,/etc/resolv.conf,/etc/systemd/resolved.conf,dscacheutil(macOS),hostname, hostnamectl,bind,resolvectl status, DNS sinkhole, Domain name server, LLMNR, Resource records:MX, TXT, NS, CAA, SSHFP, Apex, CNAME, Wildcard DNS records, Subdomain, /etc/nsswitch.conf,1.1.1.1,8.8.8.8, CoreDNS, dnsPolicy:, Google Public DNS, DNS caches, Kubernetes ExternalDNS, DNS forwarding, IDNA2008, DNS-1035, Domain name registrars, Split-view DNS, Pi-hole, NextDNS
Advertising:
