Install certbot and letsencrypt
sudo apt install certbot letsencrypt
sudo apt-get install python3-certbot-apache
Create a certificate:
sudo certbot certonly --manual --preferred-challenges=dns
List Certificates:
sudo certbot certificates
Renewing certificates:
sudo certbot certonly --manual --preferred-challenges=dns -d mbirgin.com,*.mbirgin.com
Note: Wildcard subdomains like *.mbirgin.com, supported by dns challenge.
2024-04 : with auto renewable way (not fully tested):
sudo certbot certonly --webroot -w /var/www/mbirgin/beyazhastane.com/ -d beyazhastane.com
The path /var/www/mbirgin/beyazhastane.com/.well-known/acme-challenge/[TOKEN] should be accessed by:
http://beyazhastane.com/.well-known/acme-challenge/[TOKEN]
- sudo certbot certonly --webroot -w /var/www/mbirgin/beyazhastane.com/ -d beyazhastane.com,www.beyazhastane.com
- sudo certbot certonly --webroot -w /var/www/mbirgin/mbirgin.com/ -d mbirgin.com -d www.mbirgin.com
Automatic renewing existing certificates
This method doesn't work for dns challenges
sudo certbot renew
List certificates:
sudo certbot certificates
Delete a certificate:
certbot delete --cert-name dl25.mbirgin.com
Renew a certain certificate by name:
sudo certbot renew --cert-name mbirgin.com
Alternative way to create a certificate:
sudo certbot certonly --agree-tos --manual --preferred-challenges dns --server https://acme-v02.api.letsencrypt.org/directory -d *.mbirgin.com -d mbirgin.com
Add / Remove a domain and Update an existed certificate:
sudo certbot certonly --cert-name mbirgin.com --webroot -w /var/www/ -d mbirgin.com,www.mbirgin.com,mim.mbirgin.com,vav.mbirgin.com,podcast.mbirgin.com,lnx.mbirgin.com,kit.mbirgin.com,dl25.mbirgin.com,blog.mbirgin.com,4yon.mbirgin.com,izlence.mbirgin.com,trade.mbirgin.com,quran.mbirgin.com,rotarradyo.mbirgin.com,local.mbirgin.com
Create certificates automatically using existed apache configurations:
sudo certbot --apache --no-redirect
References: