Install certbot > 0.22 to get wildcard support
root@xxx:[~]# apt install certbot python-certbot-apache python3-certbot-dns-rfc2136
- https://certbot-dns-rfc2136.readthedocs.io/en/stable/ will help you create a TSIG keys for auto updates
root@xxx:[~/LETSENCRYPT]# dnssec-keygen -a HMAC-SHA512 -b 512 -n HOST acme-challenge
Create a new cert for perdichizzi.net + *.perdichizzi.net
- Method using DNS to authenticate
root@xxx:[~]# certbot -d perdichizzi.net -d "*.perdichizzi.net" certonly --dns-rfc2136 --dns-rfc2136-credentials ~/.secrets/certbot/rfc2136.ini --dns-rfc2136-propagation-seconds 10
Create a new cert for leurent.ch using webroot folder
- Method creating a file in the web folder
root@xxx:[~]# certbot --authenticator webroot --installer apache --webroot-path /home/web/www.perdichizzi.net -d perdichizzi.net -d www.perdichizzi.net
Force Renewal
root@xxx:[~]# certbot renew --force-renewal