Let’s Encrypt wildcard certificate configuration with AWS Route 53 DNS by @Sharlos https://t.co/gSuKvZTFc8
— Cristian O. Balan (@oviliz) June 28, 2018
In a nutshell:
```bash
# AWS credentials read by the Route 53 plugin
mkdir ~/.aws
nano ~/.aws/credentials
#[default]
#aws_access_key_id = ABC
#aws_secret_access_key = XYZ
chmod 400 ~/.aws/credentials
chmod 500 ~/.aws

# Install certbot and the Route 53 DNS plugin
apt-get install software-properties-common
add-apt-repository ppa:certbot/certbot
apt update && apt install python-certbot-nginx python-pip python-asn1crypto python-certifi python-cffi-backend python-cryptography python-enum34 python-idna python-ipaddress
pip install --upgrade pip
certbot --version
pip install certbot_dns_route53==0.26.1

# Working directories
mkdir -p /opt/letsencrypt/config
mkdir -p /opt/letsencrypt/log
mkdir -p /opt/letsencrypt/work

# Issue the certificate with the DNS-01 challenge
certbot certonly -d hosting.oviliz.com --dns-route53 \
  --logs-dir /opt/letsencrypt/log/ \
  --config-dir /opt/letsencrypt/config/ \
  --work-dir /opt/letsencrypt/work/ \
  -m [email protected] --agree-tos --non-interactive \
  --server https://acme-v02.api.letsencrypt.org/directory

# Renew, then reload nginx
/usr/local/bin/certbot renew --dns-route53 \
  --logs-dir /opt/letsencrypt/log/ \
  --config-dir /opt/letsencrypt/config/ \
  --work-dir /opt/letsencrypt/work/ \
  --non-interactive \
  --server https://acme-v02.api.letsencrypt.org/directory \
  --post-hook "service nginx reload"
```
Or if you’re using DNS Made Easy:
```bash
#...
nano ~/.dnsmadeeasy/credentials
#dns_dnsmadeeasy_api_key = ABC
#dns_dnsmadeeasy_secret_key = XYZ
#...

# Issue the certificate with the DNS Made Easy plugin
certbot certonly -d hosting.oviliz.com --dns-dnsmadeeasy \
  --dns-dnsmadeeasy-credentials ~/.dnsmadeeasy/credentials \
  --logs-dir /opt/letsencrypt/log/ \
  --config-dir /opt/letsencrypt/config/ \
  --work-dir /opt/letsencrypt/work/ \
  -m [email protected] --agree-tos --non-interactive \
  --server https://acme-v02.api.letsencrypt.org/directory

# Renew with the same authenticator (not --dns-route53), then reload nginx
/usr/local/bin/certbot renew --dns-dnsmadeeasy \
  --dns-dnsmadeeasy-credentials ~/.dnsmadeeasy/credentials \
  --logs-dir /opt/letsencrypt/log/ \
  --config-dir /opt/letsencrypt/config/ \
  --work-dir /opt/letsencrypt/work/ \
  --non-interactive \
  --server https://acme-v02.api.letsencrypt.org/directory \
  --post-hook "service nginx reload"
```
The same concept obviously applies to Cloudflare and so on.
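For the Route 53 variant, the access key stored in `~/.aws/credentials` only needs to create and remove the `_acme-challenge` TXT record in one hosted zone. The script below is an added example, not part of the original post: it prints an IAM policy scoped that way, using the Route 53 IAM condition keys for record name and type. The function names and the zone ID `Z0EXAMPLE123` are hypothetical placeholders.

```shell
#!/usr/bin/env bash
# Added example: print a least-privilege IAM policy for the Route 53 key.
LC_ALL=C   # keep the character ranges below ASCII-only

# Certificate name -> DNS-01 TXT record name, normalized as IAM expects
# (lowercase, no trailing dot). A wildcard validates at its parent name:
# *.example.com -> _acme-challenge.example.com
acme_challenge_name() {
    local d
    d=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    d=${d%.}
    d=${d#\*.}
    case $d in
        ''|*[!a-z0-9.-]*) echo "invalid domain" >&2; return 1 ;;
    esac
    printf '_acme-challenge.%s\n' "$d"
}

# Policy for one hosted zone and one certificate name.
route53_policy() {
    local zone_id record
    zone_id=$1
    # Reject anything that could break out of the JSON string.
    case $zone_id in
        ''|*[!A-Z0-9]*) echo "invalid hosted zone id" >&2; return 1 ;;
    esac
    record=$(acme_challenge_name "$2") || return 1
    cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    { "Effect": "Allow",
      "Action": ["route53:ListHostedZones", "route53:GetChange"],
      "Resource": "*" },
    { "Effect": "Allow",
      "Action": "route53:ChangeResourceRecordSets",
      "Resource": "arn:aws:route53:::hostedzone/${zone_id}",
      "Condition": { "ForAllValues:StringEquals": {
        "route53:ChangeResourceRecordSetsNormalizedRecordNames": ["${record}"],
        "route53:ChangeResourceRecordSetsRecordTypes": ["TXT"] } } }
  ]
}
EOF
}

# Z0EXAMPLE123 is a constructed placeholder zone ID.
route53_policy Z0EXAMPLE123 '*.hosting.oviliz.com'
```

Attach the printed policy to a dedicated IAM user and put only that user's key in `~/.aws/credentials`, so a leaked key cannot alter any other record in the zone.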