Certbot
certbot
[1] is a fully-featured, extensible client for the Let’s Encrypt CA (or any other CA that speaks the ACME protocol defined in 2015-2016) that can automate the tasks of obtaining certificates and configuring webservers to use them. This client runs on Unix-based operating systems.
- Binaries:
certbot
andletscrypt
- Renewals configuration:
/etc/cron.d/certbot
Examples
To request a certificate:
- Stop your webserver:
systemctl nginx stop
certbot certonly --standalone --preferred-challenges http -d YOUR_DOMAIN_NAME.com
certbot certonly --standalone --agree-tos --preferred-challenges dns -d *.YOUR_DOMAIN_NAME.com
ssl_certificate /etc/letsencrypt/live/www.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.example.com/privkey.pem;
certonly --standalone
certbot --nginx Saving debug log to /var/log/letsencrypt/letsencrypt.log The requested nginx plugin does not appear to be installed
certbot certificates Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - No certs found. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
certbot renew Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - No renewals were attempted. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Activities
See also
- HTTP, HTTP client, HTTP/1.1, HTTP/2, HTTP/3, HTTPS, HSTS CSR, TLS, SSL,
openSSL
, WebSockets, WebRTC,ssl_certificate
QUIC, HPKP, CT, List of HTTP status codes, URL redirection, Content-type:, Webhook, HTTP headers,--insecure
, Axios HTTP client, HTTP cookies, HTTP ETag, Hypertext Transfer Protocol -- HTTP/1.1 - DNS: Linux DNS, IP,
systemd-resolve
,/etc/hosts
,whois
, Domain registrar,dig
,host
,nslookup
,scutil --dns
dnsmasq
,bind
,delv
,.local
,.internal, .onion
, FQDN, TTL,/etc/resolv.conf
,/etc/systemd/resolved.conf
,dscacheutil
(macOS),hostname, hostnamectl
,bind
,resolvectl status
, DNS sinkhole, Domain name server, LLMNR, Resource records:MX, TXT, NS
, CAA, SSHFP, Apex, CNAME, Wildcard DNS records, Subdomain, /etc/nsswitch.conf,1.1.1.1
,8.8.8.8, CoreDNS, dnsPolicy:
, Google Public DNS, DNS caches, Kubernetes ExternalDNS, DNS forwarding, IDNA2008, DNS-1035, Domain name registrars, Split-view DNS, Pi-hole, NextDNS
Advertising: