Wednesday, May 15, 2024

Letsencrypt : Generate Let’s Encrypt Wildcard SSL Certificate

1.Install Let’s Encrypt Certbot Tool
#sudo apt-get OR dnf install letsencrypt

2.Generate Let’s Encrypt Wildcard SSL Certificate
#sudo certbot certonly --manual --preferred-challenges=dns --email webmaster@example.com --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d example.com  -d *.example.com

3.Certificates are generated and can be downloaded from the following path
#/etc/letsencrypt/live/example.com/

4.Generate Let’ Encrypt SSL certificate Manually using the DNS record using Certbot
- Create a variable for your desired domain
#DOMAIN=example.com

- Request a certificate using Certbot
#certbot certonly --manual -d *.$DOMAIN -d $DOMAIN --agree-tos --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory --register-unsafely-without-email --rsa-key-size 4096

- A value for a new DNS record will prompt
--------------------------------------------------------------------
Please deploy a DNS TXT record under the name_acme-challenge.example.com with the following value:XXXXXXXXXXXXXXXXXXXXXXXXX
Before continuing, verify the record is deployed.
--------------------------------------------------------------------

- Copy and add the value into DNS server, add a new TXT record
_acme-challenge.iderc.my.    3600    IN    TXT    "XXXXXXXXXXXXXXXXXXXXXXXXX"

- Before Enter the second time check if records were deployed 

- Install Certificate and Key
key will generate in this folder /etc/letsencrypt/live/example.com

5.Generate Let’ Encrypt SSL certificate Manually using the http challenge using Certbot
- Create a variable for your desired domain
#DOMAIN=example.com

- Request a certificate using Certbot
#certbot certonly --manual --preferred-challenges http -d *.$DOMAIN -d $DOMAIN --agree-tos --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory --register-unsafely-without-email --rsa-key-size 4096

- After get an output, then need to create an index.html with the above string
/.well-known/acme-challenge/xxxxxxxxxxxxxxxxxxxxxxx/index.html

- Install Certificate and Key
key will generate in this folder /etc/letsencrypt/live/example.com

Related Posts:

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)