There are two main modes to run the Let's Encrypt client (called Certbot
):
- Standalone: replaces the webserver to respond to ACME challenges
- Webroot: needs your webserver to serve challenges from a known folder.
Webroot is better because it doesn't need to replace Nginx (to bind to port 80).
In the following, we're setting up mydomain.com
.
HTML is served from /var/www/mydomain
, and challenges are served from /var/www/letsencrypt
.