Skip to content

Instantly share code, notes, and snippets.

@brccabral

brccabral/README.md

Created April 28, 2025 21:30
Show Gist options
  • Save brccabral/387c13b4c6b6c52113dd2a8b4e48f6e6 to your computer and use it in GitHub Desktop.
Save brccabral/387c13b4c6b6c52113dd2a8b4e48f6e6 to your computer and use it in GitHub Desktop.
Download ZIP
Let's Encrypt Certbot
Raw
README.md

Let's Encrypt Certbot

sudo apt update
sudo apt install python3 python3-venv libaugeas0
# remove if installed from package manager, use python version
# sudo apt-get remove certbot
sudo python3 -m venv /opt/certbot/
sudo /opt/certbot/bin/pip install --upgrade pip
sudo /opt/certbot/bin/pip install certbot certbot-nginx
sudo ln -s /opt/certbot/bin/certbot /usr/bin/certbot
sudo certbot certonly --manual --preferred-challenges dns -d mydomain.com

Certbot will ask for a new TXT entry in your domain manager (GoDaddy, Squarespace, ...).
Create the TXT with low TTL in your domain manager.
It may take some time, so, in a new terminal session (can be your local machine) run nslookup at every 5 seconds to see the TXT response until it matches the asked value.

watch -n 5 nslookup -type=TXT _acme-challenge.mydomain.com

After it is confirmed, add +x permission to give other users access to it.

sudo chmod +x /etc/letsencrypt/live

Certificate is saved at: /etc/letsencrypt/live/mydomain.com-xyz/fullchain.pem
Key is saved at: /etc/letsencrypt/live/mydomain.com-xyz/privkey.pem

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment