Certbot: Difference between revisions
imported>Onny (Initial page with simple example) |
imported>Onny (Add description summary about certbot) |
||
| Line 1: | Line 1: | ||
[https://github.com/certbot/certbot Certbot] is [https://www.eff.org/ Electronic Frontier Foundation]'s [[ACME]] client, which is written in Python and provides conveniences like automatic web server configuration and a built-in webserver for the HTTP challenge. Certbot is recommended by [https://letsencrypt.org/ Let's Encrypt]. | |||
== Installation == | == Installation == | ||
Revision as of 13:39, 29 August 2022
Certbot is Electronic Frontier Foundation's ACME client, which is written in Python and provides conveniences like automatic web server configuration and a built-in webserver for the HTTP challenge. Certbot is recommended by Let's Encrypt.
Installation
Install certbot in your current environment
# nix-env -iA nixos.certbot
Usage
DNS challenge
The following command will generate a SSL certificate key pair for the domain example.org using the DNS authentication mechanism. After running this command, you'll get asked by the script to paste a specific key into your DNS records for example.org.
# certbot certonly --manual --preferred-challenges dns -d example.org --register-unsafely-without-email --agree-tos
If everthing went well you'll have the certificate and key file stored as /etc/letsencrypt/live/example.org/fullchain.pem and /etc/letsencrypt/live/example.org/privkey.pem