Back to blog

certbot cheatsheet

  • November 16, 2022
  • 1 min read

Install

sudo snap install --classic certbot

Issue Certificates

HTTP challenge in a nginx setup

sudo certbot certonly --webroot -w /data/letsencrypt/ -d yourdomain.com
nginx configuration 
server {
    listen 80 default_server;
    listen [::]:80 default_server;

    location ^~ /.well-known {
      allow all;
      root  /data/letsencrypt/;
    }

    location / {
        return 301 https://$host$request_uri;
    }
}

Manually using DNS challenge

certbot certonly -d *.tharindupremasiri.me --manual --preferred-challenges dns

Renew

Renew certificates

certbot renew

Dry run renew

Need to make sure your configuration will be work on auto-renew. Use Following command :

certbot renew --dry-run