Certbot
Ubuntu 24.04 LTS
1
2
3
|
$ sudo apt update && sudo apt upgrade
$ sudo apt install python3-certbot-nginx # For Nginx
$ sudo apt install python3-certbot-apache # For Apache
|
Request a new Let’s Encrypt SSL certificate and install the certificate.
1
|
$ sudo certbot --nginx -d www.example.com
|
Verify that Certbot auto-renews the SSL certificate upon expiry.
1
|
$ sudo certbot renew --dry-run
|
1
2
|
$ sudo certbot certificates
$ sudo certbot delete --cert-name www.example.com
|
CentOS 7 & 8
1
2
3
|
$ sudo yum install epel-release
$ sudo yum install certbot python3-certbot-nginx # For Nginx
$ sudo yum install certbot python3-certbot-apache # For Apache
|
Automatically Obtain and Install Certificates
1
2
|
$ sudo certbot --nginx
$ sudo certbot --apache
|
Using Standalone Mode to Generate Certificates
1
2
3
|
$ sudo systemctl stop nginx
$ sudo certbot certonly --standalone -d example.com -d www.example.com
$ sudo systemctl start nginx
|
Obtain a certificate by writing to the Webroot directory of a running Web server.
1
|
$ certbot certonly --webroot -w /var/www/example -d www.example.com
|
Test Certificate Renewal Process
1
|
$ sudo certbot renew --dry-run
|
Manual renewal of certificates
Notes
Port 80 needs to be reachable from the internet for the http-01 challenge, not just port 443.
Links
Let's Encrypt
Certbot
acme.sh