Install certbot and letsencrypt

sudo apt install certbot letsencrypt
sudo apt-get install python3-certbot-apache

Create a certificate:

sudo certbot certonly --manual --preferred-challenges=dns

List Certificates:

sudo certbot certificates

Renewing certificates:

sudo certbot certonly --manual --preferred-challenges=dns -d mbirgin.com,*.mbirgin.com

Note: Wildcard subdomains like *.mbirgin.com, supported by dns challenge.

2024-04 : with auto renewable way (not fully tested):

sudo certbot certonly --webroot -w /var/www/mbirgin/beyazhastane.com/ -d beyazhastane.com

The path /var/www/mbirgin/beyazhastane.com/.well-known/acme-challenge/[TOKEN] should be accessed by:

http://beyazhastane.com/.well-known/acme-challenge/[TOKEN]

• sudo certbot certonly --webroot -w /var/www/mbirgin/beyazhastane.com/ -d beyazhastane.com,www.beyazhastane.com

• sudo certbot certonly --webroot -w /var/www/mbirgin/mbirgin.com/ -d mbirgin.com -d www.mbirgin.com

Automatic renewing existing certificates

This method doesn't work for dns challenges

sudo certbot renew

List certificates:

sudo certbot certificates

Renew a certain certificate by name:

sudo certbot renew --cert-name mbirgin.com

Alternative way to create a certificate:

sudo certbot certonly --agree-tos --manual --preferred-challenges dns --server https://acme-v02.api.letsencrypt.org/directory -d *.mbirgin.com -d mbirgin.com

Create certificates automatically using existed apache configurations:

sudo certbot --apache --no-redirect

References:

• https://medium.com/@saurabh6790/generate-wildcard-ssl-certificate-using-lets-encrypt-certbot-273e432794d7
• https://certbot.eff.org/docs/using.html#manual
• https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04
• https://www.tecmint.com/install-free-lets-encrypt-ssl-certificate-for-apache-on-debian-and-ubuntu/