<WOWHDR>

LetsEncrypt: Create SSL Certificate

by

Website Admin
in

Install snapd

apt install snapd

Install snapd core package and update

snap install core
snap refresh core

Install certbot

snap install --classic certbot

Generate manual certificate with DNS authentication

certbot certonly --manual --preferred-challenges dns \
# domain.com | www.domain.com
-d domain.com \
# For one host certificate
-d xxx.domain.com \
# For wildcard certificate
-d *.domain.com

Successful certificates for every domain will be placed in

cd /etc/letsencrypt/live

README file

This directory contains your keys and certificates.

`[cert name]/privkey.pem`  : the private key for your certificate.
`[cert name]/fullchain.pem`: the certificate file used in most server software.
`[cert name]/chain.pem`    : used for OCSP stapling in Nginx >=1.3.7.
`[cert name]/cert.pem`     : will break many server configurations, and should not be used
                 without reading further documentation (see link below).

WARNING: DO NOT MOVE OR RENAME THESE FILES!
         Certbot expects these files to remain in this location in order
         to function properly!

We recommend not moving these files. For more information, see the Certbot
User Guide at https://certbot.eff.org/docs/using.html#where-are-my-certificates.

Renewal of manual generated certificate.

NEXT STEPS:
- This certificate will not be renewed automatically. Autorenewal of --manual certificates requires the use of an authentication hook script (--manual-auth-hook) but one was not provided. To renew this certificate, repeat this same certbot command before the certificate's expiry date.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *