Difference between revisions of "Certbot"
From Dogtag
m |
m (→Requesting a Certificate) |
||
Line 7: | Line 7: | ||
= Requesting a Certificate = | = Requesting a Certificate = | ||
− | To request a certificate with http-01 | + | To request a certificate with automatic http-01 validation: |
<pre> | <pre> | ||
− | $ certbot certonly --standalone -d | + | $ certbot certonly --standalone -d example.com --register-unsafely-without-email |
</pre> | </pre> | ||
− | To request a certificate with http-01 | + | To request a certificate with manual http-01 validation: |
<pre> | <pre> | ||
− | $ certbot certonly --manual -d | + | $ certbot certonly --manual -d example.com --register-unsafely-without-email |
</pre> | </pre> | ||
− | To request a certificate with dns-01 | + | To request a certificate with manual dns-01 validation: |
<pre> | <pre> | ||
− | $ certbot certonly --manual -d | + | $ certbot certonly --manual -d example.com --register-unsafely-without-email --preferred-challenges dns |
</pre> | </pre> | ||
Line 31: | Line 31: | ||
</pre> | </pre> | ||
− | To request a certificate from a different server: | + | To request a certificate from a different ACME server: |
<pre> | <pre> |
Revision as of 01:43, 16 August 2019
Installation
$ dnf install certbot
Requesting a Certificate
To request a certificate with automatic http-01 validation:
$ certbot certonly --standalone -d example.com --register-unsafely-without-email
To request a certificate with manual http-01 validation:
$ certbot certonly --manual -d example.com --register-unsafely-without-email
To request a certificate with manual dns-01 validation:
$ certbot certonly --manual -d example.com --register-unsafely-without-email --preferred-challenges dns
To request a multi-domain certificate:
$ certbot certonly -d example.com -d www.example.com
To request a certificate from a different ACME server:
$ certbot certonly -d example.com --server http://localhost:8080/acme/rest/directory
The results will be stored in:
- certificate: /etc/letsencrypt/live/example.com/fullchain.pem
- private key: /etc/letsencrypt/live/example.com/privkey.pem
Removing a Certificate
$ certbot delete --cert-name $HOSTNAME