Difference between revisions of "Certbot"

From Dogtag
Jump to: navigation, search
m
m (Requesting a Certificate)
 
Line 7: Line 7:
 
= Requesting a Certificate =
 
= Requesting a Certificate =
  
To request a certificate with http-01 challenge:
+
To request a certificate with automatic http-01 validation:
  
 
<pre>
 
<pre>
$ certbot certonly --standalone -d example.com -d www.example.com --register-unsafely-without-email
+
$ certbot certonly --standalone -d example.com --register-unsafely-without-email
 
</pre>
 
</pre>
  
To request a certificate with http-01 challenge from a different machine:
+
To request a certificate with manual http-01 validation:
  
 
<pre>
 
<pre>
$ certbot certonly --manual -d example.com -d www.example.com --register-unsafely-without-email
+
$ certbot certonly --manual -d example.com --register-unsafely-without-email
 
</pre>
 
</pre>
  
To request a certificate with dns-01 challenge:
+
To request a certificate with manual dns-01 validation:
  
 
<pre>
 
<pre>
$ certbot certonly --manual -d example.com -d www.example.com --register-unsafely-without-email --preferred-challenges dns
+
$ certbot certonly --manual -d example.com --register-unsafely-without-email --preferred-challenges dns
 
</pre>
 
</pre>
  
Line 31: Line 31:
 
</pre>
 
</pre>
  
To request a certificate from a different server:
+
To request a certificate from a different ACME server:
  
 
<pre>
 
<pre>

Latest revision as of 01:43, 16 August 2019

Installation

$ dnf install certbot

Requesting a Certificate

To request a certificate with automatic http-01 validation:

$ certbot certonly --standalone -d example.com --register-unsafely-without-email

To request a certificate with manual http-01 validation:

$ certbot certonly --manual -d example.com --register-unsafely-without-email

To request a certificate with manual dns-01 validation:

$ certbot certonly --manual -d example.com --register-unsafely-without-email --preferred-challenges dns

To request a multi-domain certificate:

$ certbot certonly -d example.com -d www.example.com

To request a certificate from a different ACME server:

$ certbot certonly -d example.com --server http://localhost:8080/acme/rest/directory

The results will be stored in:

  • certificate: /etc/letsencrypt/live/example.com/fullchain.pem
  • private key: /etc/letsencrypt/live/example.com/privkey.pem

Removing a Certificate

$ certbot delete --cert-name $HOSTNAME

See Also