Difference between revisions of "Certbot"

From Dogtag
Jump to: navigation, search
m (Requesting a Certificate)
m (Requesting a Certificate)
Line 41: Line 41:
 
* certificate: /etc/letsencrypt/live/example.com/fullchain.pem
 
* certificate: /etc/letsencrypt/live/example.com/fullchain.pem
 
* private key: /etc/letsencrypt/live/example.com/privkey.pem
 
* private key: /etc/letsencrypt/live/example.com/privkey.pem
 +
 +
= Renewing a Certificate =
 +
 +
To renew a certificate with manual dns-01 validation:
 +
 +
<pre>
 +
$ certbot certonly --manual -d example.com --preferred-challenges dns
 +
</pre>
  
 
= Removing a Certificate =
 
= Removing a Certificate =

Revision as of 19:26, 28 October 2019

Installation

$ dnf install certbot

Requesting a Certificate

To request a certificate with automatic http-01 validation:

$ certbot certonly --standalone -d example.com --register-unsafely-without-email

To request a certificate with manual http-01 validation:

$ certbot certonly --manual -d example.com --register-unsafely-without-email

To request a certificate with manual dns-01 validation:

$ certbot certonly --manual -d example.com --register-unsafely-without-email --preferred-challenges dns

To request a multi-domain certificate:

$ certbot certonly -d example.com -d www.example.com

To request a certificate from a different ACME server:

$ certbot certonly -d example.com --server http://localhost:8080/acme/rest/directory

The results will be stored in:

  • certificate: /etc/letsencrypt/live/example.com/fullchain.pem
  • private key: /etc/letsencrypt/live/example.com/privkey.pem

Renewing a Certificate

To renew a certificate with manual dns-01 validation:

$ certbot certonly --manual -d example.com --preferred-challenges dns

Removing a Certificate

$ certbot delete --cert-name $HOSTNAME

See Also