IT/Software/Server Config/SSL Certificates/certbot: Difference between revisions
Access restrictions were established for this page. If you see this message, you have no access to this page.
Walttheboss (talk | contribs) No edit summary |
Walttheboss (talk | contribs) No edit summary |
||
Line 24: | Line 24: | ||
*Checking Certificates | *Checking Certificates | ||
sudo certbot certificates | <code>sudo certbot certificates</code> | ||
*You will get a nice list of certs with their expiry dates. | |||
*Renewing Certificates | |||
** This must be done every 90 days and can be done as much as 30 days early | |||
<code>sudo certbot renew</code> | |||
*Force Renewal | |||
** This can eat into your allotment so only do as needed | |||
*** This needed to happen once due to a Lets Encrypt bug | |||
<code>sudo certbot --force-renewal</code> | |||
*You still need to pick the domains and then choose to redirect https is you want. | |||
** Normally we do want the forced redirect to https. | |||
<br /> | <br /> |
Revision as of 05:08, 5 March 2020
- This is a wonderful tool to install and manage SSL certificates on servers.
- Background
- Get it from from here.
- Their documentation is really well done.
- Know what version you are on
apt-cache policy certbot | grep -i Installed
- Install
- You can install from the package maintaners version from 18.04 and on
- I recommend the ppa version
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
- Use
- Basic installation of a certificat
- Checking Certificates
sudo certbot certificates
- You will get a nice list of certs with their expiry dates.
- Renewing Certificates
- This must be done every 90 days and can be done as much as 30 days early
sudo certbot renew
- Force Renewal
- This can eat into your allotment so only do as needed
- This needed to happen once due to a Lets Encrypt bug
- This can eat into your allotment so only do as needed
sudo certbot --force-renewal
- You still need to pick the domains and then choose to redirect https is you want.
- Normally we do want the forced redirect to https.