domain='ksi.kiev.ua'
- install cerbot
-
yum install epel-release yum install -y python3 pip3 install requests yum install certbot python3-certbot-nginx wget https://github.com/joohoi/acme-dns-certbot-joohoi/raw/master/acme-dns-auth.py /tmp chmod +x /tmp/acme-dns-auth.py sed -i 's/env python2/python3/g' /tmp/acme-dns-certbot.py mv /tmp/acme-dns-auth.py /etc/letsencrypt/
-
- pip3 install requests
- Generete request by DNS:
-
certbot -d *.$domain--manual --preferred-challenges dns certonly in your registration
- add DNS TXT record
- _acme-challenge.$MyDomain
-
- Generete request by HTTP:
-
sudo certbot certonly --manual --preferred-challenges http -d $domain
ssh {hostinh_host}
mkdir /var/www/application/public/.well-known/acme-challenge
echo "-----------------------" > ****************************
-
- cd /etc/letsencrypt/live/$domain
- list you tls cert
-
ll | awk '{print $9}' | grep pem
cert.pem
chain.pem
fullchain.pem
privkey.pem
-
- Export from *.pfx
-
cd /etc/letsencrypt/live/$domain/
openssl pkcs12 \
-in cert.pfx \
-password pass:Qq123456Qq \
-nocerts \
-out cert.key \
-nodesopenssl pkcs12 \
-in pace-licensing.infopulse.local.pfx \
-password pass:Qq123456Qq \
-nokeys \
-out pace-licensing.infopulse.local.crt \
-nodes
-
- Export to *.pfx
-
cd /etc/letsencrypt/live/$domain/
openssl pkcs12 \
-password pass:Qq123456Qq \
-export \
-out /etc/letsencrypt/live/$domain/$domain.pfx \
-inkey /etc/letsencrypt/live/$domain/privkey.pem \
-in /etc/letsencrypt/live/$domain/cert.pem \
-certfile /etc/letsencrypt/live/$domain/chain.pem
cp /etc/letsencrypt/live/$domain/certificate.pfx /tmp
-