Skip to content

Instantly share code, notes, and snippets.

@yelizariev

yelizariev/Letsencrypt Wildcard DNS manual.rst

Forked from Rusllan/Letsencrypt Wildcard DNS manual.rst
Last active February 20, 2021 00:12
Show Gist options
  • Save yelizariev/2ef9df8d43289663e101706da983880c to your computer and use it in GitHub Desktop.
Save yelizariev/2ef9df8d43289663e101706da983880c to your computer and use it in GitHub Desktop.
Download ZIP
Issue certificate with DNS manual mode
Raw
Letsencrypt Wildcard DNS manual.rst

Certificate issue in DNS manual mode

Done according to https://github.com/Neilpang/acme.sh/wiki/dns-manual-mode

Warning: DNS manual mode can not renew automatically. For renewal you need to repeat steps below each time. Certificate needs to be renewed within 90 days.

  • Install client

    git clone https://github.com/Neilpang/acme.sh.git

    cd ./acme.sh

    ./acme.sh --install

  • Get values for TXT records for DNS records:

    acme.sh --issue --dns -d it-projects.info -d '*.it-projects.info' -d '*.apps.it-projects.info' --yes-I-know-dns-manual-mode-enough-go-ahead-please

  • Add the TXT records to your DNS records.

  • Check TXT records via dig:

    dig _acme-challenge.it-projects.info -t txt

  • Get your certificate with --renew command:

    acme.sh --debug --renew -d it-projects.info -d '*.it-projects.info' -d '*.apps.it-projects.info' --yes-I-know-dns-manual-mode-enough-go-ahead-please

Note. It may not work from first time and you get "Wrong TXT value" error. If so, try the process again (from --issue command)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment