Editing Certbot
Jump to navigation
Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
− | <code>certbot</code><ref>https://certbot.eff.org/docs/intro.html</ref> is a fully-featured, extensible client for the | + | <code>certbot</code><ref>https://certbot.eff.org/docs/intro.html</ref> is a fully-featured, extensible client for the Let’s Encrypt CA (or any other CA that speaks the [[ACME]] protocol defined in 2015-2016) that can automate the tasks of obtaining certificates and configuring webservers to use them. This client runs on Unix-based operating systems. |
+ | * <code>apt install certbot</code> | ||
− | |||
− | |||
− | |||
− | + | [[Ubuntu]]: | |
− | + | * Binaries: <code>certbot</code> and <code>letscrypt</code> | |
− | + | * Renewals configuration: <code>/etc/cron.d/certbot</code> | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | * Binaries: <code>certbot</code> and <code> | ||
− | |||
− | |||
− | |||
− | * Renewals configuration: <code>/etc/cron.d/certbot | ||
− | |||
== Examples == | == Examples == | ||
+ | To request a certificate: | ||
+ | * Stop your webserver: <code>systemctl nginx stop</code> | ||
+ | * <code>certbot certonly --standalone --preferred-challenges http -d YOUR_DOMAIN_NAME.com</code> | ||
+ | * <code>certbot certonly --standalone --agree-tos --preferred-challenges dns -d *.YOUR_DOMAIN_NAME.com</code> | ||
− | |||
− | + | <code>[[nginx.conf]]</code> | |
− | + | :<code>[[ssl_certificate]] /etc/letsencrypt/live/www.example.com/fullchain.pem;</code> | |
+ | :<code>ssl_certificate_key /etc/letsencrypt/live/www.example.com/privkey.pem;</code> | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | <code>certonly --standalone</code> | ||
− | + | <pre> | |
− | + | certbot --nginx | |
+ | Saving debug log to /var/log/letsencrypt/letsencrypt.log | ||
+ | The requested nginx plugin does not appear to be installed | ||
+ | </pre> | ||
+ | <pre> | ||
+ | certbot certificates | ||
+ | Saving debug log to /var/log/letsencrypt/letsencrypt.log | ||
+ | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
+ | No certs found. | ||
+ | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
+ | </pre> | ||
− | < | + | <pre> |
− | + | certbot renew | |
− | + | Saving debug log to /var/log/letsencrypt/letsencrypt.log | |
− | + | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | |
+ | No renewals were attempted. | ||
+ | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
+ | </pre> | ||
+ | <pre> | ||
+ | certbot delete --cert-name YOUR_CERT_NAME | ||
+ | Saving debug log to /var/log/letsencrypt/letsencrypt.log | ||
− | + | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | |
+ | Deleted all files relating to certificate YOUR_CERT_NAME. | ||
+ | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
+ | </pre> | ||
− | |||
− | |||
− | |||
− | |||
+ | * Changing a Certificdate's Domain<ref>https://certbot.eff.org/docs/using.html#changing-a-certificate-s-domains</ref>: <code>certbot certonly --cert-name example.com -d example.org,www.example.org</code> | ||
+ | * Automated renewals: <code>[[systemctl list-timers]]</code> | ||
== Activities == | == Activities == | ||
* Read <code>certbot</code> [[certbot changelog]]: https://github.com/certbot/certbot/blob/master/certbot/CHANGELOG.md | * Read <code>certbot</code> [[certbot changelog]]: https://github.com/certbot/certbot/blob/master/certbot/CHANGELOG.md | ||
− | |||
− | |||
− | |||
== See also == | == See also == | ||
− | * {{ | + | * {{HTTPS}} |
− | |||
* {{CA}} | * {{CA}} | ||
+ | * {{DNS}} | ||
[[Category:IT Security]] | [[Category:IT Security]] |
Advertising: