Let's Encrypt & Certbot
Installation
Ubunutu
add-apt-repository ppa:certbot/certbot
apt-get update && apt-get install python-certbotCentOS
yum install epel-release
yum install python-certbot certbotCertbot
You must stop anything on port 443/80 before starting certbot
certbot certonly --standalone -d example.comYou can use the crt/privkey from this path
ls /etc/letsencrypt/live/example.comcert.pem chain.pem fullchain.pem privkey.pem README
If you need a DH for you web.conf you can do
openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048Renew crt
crontab -e15 3 * * * /usr/bin/certbot renew --quietWildcard certbot dns plugin
Install certbot nginx
apt install python3-pip
pip3 install certbot-dns-digitaloceanmkdir -p ~/.secrets/certbot/
vim ~/.secrets/certbot/digitalocean.inidns_digitalocean_token = XXXXXXXXXXXXXXX
Certbot config
certbot certonly --dns-digitalocean --dns-digitalocean-credentials ~/.secrets/certbot/digitalocean.ini -d www.domain.comcorontab -e15 3 * * * /usr/bin/certbot renew --quiet