Certbot’s DNS plugins which can be used to automate obtaining a wildcard certificate from Let’s Encrypt’s ACMEv2 server now are not available in some official repository.
IF you don’t want to wait, you can use these plugins now by use certbot from source.
Get and prepare certbot v0.24.0 from source
#/usr/bin/env bash git clone https://github.com/certbot/certbot cd certbot git checkout -b v0.24.0 sudo ./certbot-auto --os-packages-only ./tools/venv.sh exit 0
Clear old certificate if exist
#!/usr/bin/env bash
sudo rm -rf /etc/letsencrypt/archive/{Your old domain}
sudo rm -rf /etc/letsencrypt/live/{Your old domain}
sudo rm -rf /etc/letsencrypt/renewal/{Your old domain}
exit 0
Create cloudflare API key file and chmod to 0600
# Cloudflare API credentials used by Certbot dns_cloudflare_email = [email protected] dns_cloudflare_api_key = your_cloudflare_api_key
Issue a new wildcards certificate
#!/usr/bin/env bash
source {Path to certbot source}/venv/bin/activate
CBOT=$(which certbot)
${CBOT} certonly \
--server "https://acme-v02.api.letsencrypt.org/directory" \
--rsa-key-size 4096 \
--agree-tos \
--email {[email protected]} \
--preferred-challenges dns-01 \
--dns-cloudflare \
--dns-cloudflare-credentials {Path to your cloudflare API key file} \
-d {*.your.domain}
exit 0
Renew with certbot
#!/usr/bin/env bash
source {Path to certbot source}/venv/bin/activate
CERT_BOT=$(which certbot)
${CERT_BOT} renew \
--rsa-key-size 4096 \
--agree-tos \
--email {[email protected]}
nginx -s reload
exit 0
Kawin Viriyaprasopsook
System administrator at Zercle Technology Co., Ltd.
System admin กากๆ
รักในการเล่นเกม
ชอบดู Anime ญี่ปุ่น
รักในการเล่นเกม
ชอบดู Anime ญี่ปุ่น
Latest posts by Kawin Viriyaprasopsook (see all)
- Kernel tuning for linux server - 2019-03-28
- [Workaround] Override docker systemd service - 2019-01-04
- Use LZ4 with tar for compress multiple directories - 2018-12-15
thousand times thanks you for this howto