Let's Encrypt is an organization that provides free SSL/TLS certificates, allowing websites to securely transmit data. Its certificates are free, automated, and support rapid deployment. Below are two systems for applying for Let's Encrypt certificates.
Windows System
Example System Version:
1. Download the certbot tool for Windows system from: https://dl.eff.org/certbot-beta-installer-win32.exe
2. Click on the installation file and select "Yes" to proceed with the installation.
3. Click "Next."
4. Click "Install."
5. Click "Finish."
6. Type "powershell" in the search bar, then hover over "Windows PowerShell" and right-click to select "Run as administrator."
7. Enter the following command to test certbot: certbot --version
certbot --version |
8. The following example demonstrates certificate application using the domain foodsloth.store. Please ensure that you own the domain name.
Enter the following command to apply for a certificate using DNS validation and request a wildcard domain certificate.
Replace the yellow portion with your email address and the red portion with your domain name:
certbot certonly --manual --preferred-challenges dns -m noc@example.com -d *.foodsloth.store -d foodsloth.store |
9. You will be shown the path to the debugging log file and asked to input 'y' to agree to the terms of service.
10. You may be asked if you are willing to provide your email to the Electronic Frontier Foundation (EFF).
11. Next, return to your domain management platform and follow the system prompts to add a TXT record. In this example, it would be:
12. You can open a web browser and enter the red line URL to check if the TXT record is effective.
13. Once the resolution is effective, return to PowerShell and press "Enter." The system will prompt the path where the certificate and key are placed. The certificate is valid for 90 days.
Unix-like Systems
Ubuntu
This example is for Ubuntu 18.04 version.
1. Installing certbot will require the use of snap. Starting from the following versions and above, snap is pre-installed:
2. Enter the following command to update snap:
sudo snap install core; sudo snap refresh core |
3. Enter the following command to install certbot:
sudo snap install --classic certbot |
Centos 7
This example is for CentOS 7 version.
# yum install snapd -y # systemctl enable --now snapd.socket # ln -s /var/lib/snapd/snap /snap # snap install certbot --classic # /var/lib/snapd/snap/bin/certbot --version # ln -s /var/lib/snapd/snap/bin/certbot /usr/bin/certbot # certbot --version certbot 2.6.0 |
4. Enter the following command to confirm whether certbot is installed successfully:
certbot --version |
5. The following example demonstrates certificate application using the domain lalamove.site. Please ensure that you own the domain name. Enter the following command to apply for a certificate using DNS validation and request a wildcard domain certificate.
Replace the yellow portion with your email address and the red portion with your domain name :
certbot certonly --manual --agree-tos \ -d "*.lalamove.site" \ -d "lalamove.site" \ --email noc@example.com \ --preferred-challenges dns \ --manual-public-ip-logging-ok \ --server https://acme-v02.api.letsencrypt.org/directory |
6. The system will ask if you want to provide your email to EEF.
7. Return to your domain management platform and follow the system prompts to add a TXT record. In this example:
8. You can open a web browser and enter the red line URL to check if the TXT record is effective.
9. Once the resolution is effective, return to the terminal and press "Enter." Upon successful verification, the system will prompt the path where the certificate and key are placed. The certificate is valid for 90 days.