Install certbot > 0.22 to get wildcard support

root@xxx:[~]# apt install certbot python-certbot-apache python3-certbot-dns-rfc2136
root@xxx:[~/LETSENCRYPT]# dnssec-keygen -a HMAC-SHA512 -b 512 -n HOST acme-challenge

Create a new cert for perdichizzi.net + *.perdichizzi.net

  • Method using DNS to authenticate
root@xxx:[~]# certbot -d perdichizzi.net -d "*.perdichizzi.net" certonly --dns-rfc2136 --dns-rfc2136-credentials ~/.secrets/certbot/rfc2136.ini --dns-rfc2136-propagation-seconds 10

Create a new cert for leurent.ch using webroot folder

  • Method creating a file in the web folder
root@xxx:[~]# certbot --authenticator webroot --installer apache --webroot-path /home/web/www.perdichizzi.net -d perdichizzi.net -d www.perdichizzi.net

Force Renewal

root@xxx:[~]# certbot renew --force-renewal