Difference between revisions of "Certbot"
From Dogtag
m (→Requesting a Certificate) |
m (→Requesting a Certificate) |
||
Line 41: | Line 41: | ||
* certificate: /etc/letsencrypt/live/example.com/fullchain.pem | * certificate: /etc/letsencrypt/live/example.com/fullchain.pem | ||
* private key: /etc/letsencrypt/live/example.com/privkey.pem | * private key: /etc/letsencrypt/live/example.com/privkey.pem | ||
+ | |||
+ | = Renewing a Certificate = | ||
+ | |||
+ | To renew a certificate with manual dns-01 validation: | ||
+ | |||
+ | <pre> | ||
+ | $ certbot certonly --manual -d example.com --preferred-challenges dns | ||
+ | </pre> | ||
= Removing a Certificate = | = Removing a Certificate = |
Revision as of 19:26, 28 October 2019
Contents
Installation
$ dnf install certbot
Requesting a Certificate
To request a certificate with automatic http-01 validation:
$ certbot certonly --standalone -d example.com --register-unsafely-without-email
To request a certificate with manual http-01 validation:
$ certbot certonly --manual -d example.com --register-unsafely-without-email
To request a certificate with manual dns-01 validation:
$ certbot certonly --manual -d example.com --register-unsafely-without-email --preferred-challenges dns
To request a multi-domain certificate:
$ certbot certonly -d example.com -d www.example.com
To request a certificate from a different ACME server:
$ certbot certonly -d example.com --server http://localhost:8080/acme/rest/directory
The results will be stored in:
- certificate: /etc/letsencrypt/live/example.com/fullchain.pem
- private key: /etc/letsencrypt/live/example.com/privkey.pem
Renewing a Certificate
To renew a certificate with manual dns-01 validation:
$ certbot certonly --manual -d example.com --preferred-challenges dns
Removing a Certificate
$ certbot delete --cert-name $HOSTNAME