SSL Guide
Getting Started
For this tutorial Certbot will be used. Other open source clients which utilize Let's Encrypt as well however.
Certbot is a free, open source software tool for automatically using Let’s Encrypt certificates on manually-administrated websites to enable HTTPS.
Certbot is an interface with Let's Encrypt service, a CLI tool that can be used to generate and renew your certificates. With this example Canonical Ubuntu 20.04 will be used.
First you will want to run essential commands:
sudo apt update && upgrade
sudo apt install certbot
You can also look into installing either python3-certbot-apache
or python3-certbot-nginx
as well for automatic usage. The status of these plugins can be viewed using the command below:
certbot plugins
CLI Usage
Standalone mode will be the priority for this tutorial.
--manual
: Specifies whether or not plugins will be used to make this automatic
--preferred-challenges
: Can either be DNS or HTTP. DNS is the preferred option as for verification you will resort to adding a TXT record to your zone.
--d
: Specifies the domain that will be used for renewal
sudo certbot certonly --manual --preferred-challenges dns -d \*.example.com
Note how the domain is wildcarded. This is particularly important for users who wish to maintain an active proxy service with many domains/subdomains.