meta data for this page
  •  

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
sw:certbot [2020/07/02 18:30] – created niziaksw:certbot [2020/07/10 13:11] (current) niziak
Line 1: Line 1:
-====== certbot ====== +====== certbot / letsencrypt ====== 
-letsencrypt+
  
 Debian Buster has old ''certbot'' version 0.31 Debian Buster has old ''certbot'' version 0.31
 Install latest ''certbot'':  Install latest ''certbot'': 
   * https://packages.debian.org/pl/bullseye/certbot   * https://packages.debian.org/pl/bullseye/certbot
 +<code bash>
 +apt install certbot python3-certbot-apache -t bullseye
 +</code>
 +
 +===== obtain wildcard cert =====
 +
 +<code bash>
 +# First obtain normal domain certificate
 +certbot -d 'example.com'
 +
 +# Then obtain again with wildcard. It will ask to Expand existing cert.
 +certbot -d 'example.com,*.example.com'
 +</code>
 +
 +==== using manual and DNS ====
 +<code bash>
 +certbot certonly --manual -d 'example.com,*.example.com'
 +</code>
 +
 +TXT entry in following form has to be added:
 +<code>
 +_acme-challenge.example.com. 300 IN TXT "gfj9Xq...Rg85nM"
 +</code>
 +Ensure record is propagated:
 +<code bash>
 +$ host -t TXT _acme-challenge.example.com
 +_acme-challenge.example.com descriptive text "gfj9Xq...Rg85nM"
 +</code>