Let’s Encrypt Pan-domain certificate application and automatic renewal
Keyword: SSL certificate, HTTPS
For the first time to apply for
1. Download certbot
wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto
./certbot-auto
Copy the code2. The format
./certbot-auto certonly -d*. Your domain name --manual --preferred-challenges DNSCopy the codeThe sample
./certbot-auto certonly -d *.butukeji.com --manual --preferred-challenges dns
Copy the code3. The next step will prompt you whether you agree to the IP being recorded.
Enter Y agree
4. Add a DNS TXT record to the DNS server
5. Complete
Wait about 10 seconds and Enter, you can see the certificate path and private key path that are automatically applied successfully:
update
/ Certbot -auto renew I have not been successful in this way. DNS renew actually needs to add the TXT record of DNS verification, so directly renew will fail.
- You can write automatic DNS authentication scripts using the DNS operator’s interface,
- I myself lui a set of Ali cloud DNS automatically add TXT records, automatic verification procedures, used to automatically update the certificate, of course, when the application can also be used to remove the trouble of manually adding TXT records, currently on Github, clone down, a simple command can automatically update
./auto-renew.sh
Copy the codeAutomatic validation service github repository
Github.com/zphiliam/ce…