Certbot is an open source tool sponsored by the Electronic Frontier Foundation (EFF) for automated management and deployment of SSL/TLS certificates. An SSL/TLS certificate is a security protocol used to encrypt data transmitted between a website and its users. The main purpose of Certbot is to enable website administrators to easily obtain, deploy and renew these certificates to ensure the security of their websites.
Certbot supports many common web servers, including but not limited to Apache, Nginx, and Certbot also provides a universal plug-in system that enables it to be integrated with other web servers and environments.
Certbot works by communicating with Let's Encrypt to obtain free SSL/TLS certificates. Let's Encrypt is a non-profit certificate authority dedicated to providing free, automated and open SSL/TLS certificate services to promote broader encryption use on the Internet. The combination of Certbot and Let's Encrypt allows website administrators to easily enable HTTPS for their websites, improving website security and user privacy.
Debian/Ubuntu installation certbot
apt update -y && apt install -y certbot
Install certbot on CentOS
yum -y update && yum -y install certbot
Auto-renewal script
curl -O https://raw.githubusercontent.com/kejilion/sh/main/auto_cert_renewal.sh
chmod +x auto_cert_renewal.sh
Timed execution
echo “0 0 * * * cd ~ && ./auto_cert_renewal.sh” | crontab –
Apply for a certificate
Confirm that 80 and 443 are not occupied
certbot certonly –standalone -d $yuming –email (email protected) –agree-tos –no-eff-email –force-renewal
Certificate storage directory
ls /etc/letsencrypt/live/
Apply via DNS (domestic applications are available)
certbot certonly –manual –preferred-challenges dns -d yuming.com
Go to the domain name background to parse a TXT record
Fill in name and value
5 minutes after parsing
Return to the SSH terminal and press Enter to continue the application.
GIPHY App Key not set. Please check settings