Let's Encrypt Wildcard Free SSL Certificate

    Windows (wildcard certificate from Let's Encrypt Certbot and GoDaddy)

    Download and install Certbot for Windows, then add the folder that contains the executable to the system PATH environment variable.

    https://github.com/certbot/certbot/releases/download/v2.9.0/certbot-beta-installer-win_amd64_signed.exe

    windows path entry

    The Let's Encrypt Certbot client generates a certificate that can be installed on a Windows IIS server and also works with Apache/Nginx on Linux.

    certbot --help
    
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
      certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...
    Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
    it will attempt to use a webserver both for obtaining and installing the
    certificate. The most common SUBCOMMANDS and flags are:
    obtain, install, and renew certificates:
        (default) run   Obtain & install a certificate in your current webserver
        certonly        Obtain or renew a certificate, but do not install it
        renew           Renew all previously obtained certificates that are near
    expiry
        enhance         Add security enhancements to your existing configuration
       -d DOMAINS       Comma-separated list of domains to obtain a certificate for
      (the certbot apache plugin is not installed)
      --standalone      Run a standalone webserver for authentication
      (the certbot nginx plugin is not installed)
      --webroot         Place files in a server's webroot folder for authentication
      --manual          Obtain certificates interactively, or using shell script
    hooks
       -n               Run non-interactively
      --test-cert       Obtain a test certificate from a staging server
      --dry-run         Test "renew" or "certonly" without saving any certificates
    to disk
    manage certificates:
        certificates    Display information about certificates you have from Certbot
        revoke          Revoke a certificate (supply --cert-name or --cert-path)
        delete          Delete a certificate (supply --cert-name)
        reconfigure     Update a certificate's configuration (supply --cert-name)
    manage your account:
        register        Create an ACME account
        unregister      Deactivate an ACME account
        update_account  Update an ACME account
        show_account    Display account details
      --agree-tos       Agree to the ACME server's Subscriber Agreement
       -m EMAIL         Email address for important account notifications
    More detailed help:
      -h, --help [TOPIC]    print this message, or detailed help on a topic;
                            the available TOPICS are:
       all, automation, commands, paths, security, testing, or any of the
       subcommands or plugins (certonly, renew, install, register, nginx,
       apache, standalone, webroot, etc.)
      -h all                print a detailed help page including all topics
      --version             print the version number
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    Now run the following command to obtain the value for the DNS TXT record. Note that a change to a DNS record is not reflected until the specified TTL (Time To Live) period has passed, so wait at least that long before pressing Enter to continue.

    NOTE: I am using my own domain for this example, so feel free to change it to your own domain name.

    certbot certonly --manual --preferred-challenges=dns --register-unsafely-without-email --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d "*.altgr.in"
    Saving debug log to C:\Certbot\log\letsencrypt.log
    Account registered.
    Requesting a certificate for *.altgr.in
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Please deploy a DNS TXT record under the name:
    _acme-challenge.altgr.in.
    with the following value:
    Z0uayAWRl_mKWjAnJ2cqlFsmumEQRc0X7wz9pT5h1Co
    Before continuing, verify the TXT record has been deployed. Depending on the DNS
    provider, this may take some time, from a few seconds to multiple minutes. You can
    check if it has finished deploying with aid of online tools, such as the Google
    Admin Toolbox: https://toolbox.googleapps.com/apps/dig/#TXT/_acme-challenge.altgr.in.
    Look for one or more bolded line(s) below the line ';ANSWER'. It should show the
    value(s) you've just added.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Press Enter to Continue

    Log in to your GoDaddy account -> My Product -> DNS -> Add New Record

    Type   Name              Value                                         TTL
    TXT    _acme-challenge   Z0uayAWRl_mKWjAnJ2cqlFsmumEQRc0X7wz9pT5h1Co   600

    [ENTER] -> Continue

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Press Enter to Continue
    
    Successfully received certificate.
    Certificate is saved at: C:\Certbot\live\altgr.in\fullchain.pem
    Key is saved at:         C:\Certbot\live\altgr.in\privkey.pem
    This certificate expires on 2024-12-05.
    These files will be updated when the certificate renews.
    NEXT STEPS:
    - This certificate will not be renewed automatically. Autorenewal of --manual certificates requires the use of an authentication hook script (--manual-auth-hook) but one was not provided. To renew this certificate, repeat this same certbot command before the certificate's expiry date.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    If you like Certbot, please consider supporting our work by:
     * Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
     * Donating to EFF:                    https://eff.org/donate-le
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
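The NEXT STEPS message above says renewal of a `--manual` certificate needs a `--manual-auth-hook`. The following is an added example, not code from the original post or from Certbot: a hook that publishes the TXT record from the `CERTBOT_DOMAIN` and `CERTBOT_VALIDATION` variables Certbot passes to it. It assumes the GoDaddy Domains API (`PUT /v1/domains/{domain}/records/TXT/{name}` with an `sso-key` header) is enabled for the account; the `GODADDY_*` and `PROPAGATION_WAIT` variable names and the script name are assumptions.

```python
"""Certbot --manual-auth-hook: publish the DNS-01 TXT record via the GoDaddy API."""
import json
import os
import sys
import time
import urllib.request

API = "https://api.godaddy.com/v1"  # assumed: GoDaddy production API base URL


def record_name(cert_domain: str, zone: str) -> str:
    """Return the TXT record name relative to the zone.

    Certbot sets CERTBOT_DOMAIN without the "*." label, so
    "*.altgr.in" arrives as "altgr.in" and maps to "_acme-challenge".
    """
    cert_domain, zone = cert_domain.rstrip(".").lower(), zone.rstrip(".").lower()
    if cert_domain == zone:
        return "_acme-challenge"
    if not cert_domain.endswith("." + zone):
        raise ValueError(f"{cert_domain} is not inside zone {zone}")
    return "_acme-challenge." + cert_domain[: -len(zone) - 1]


def build_request(env: dict) -> urllib.request.Request:
    """Build the PUT that replaces the TXT record set for the challenge name."""
    zone = env["GODADDY_ZONE"]  # assumed variable name, e.g. "altgr.in"
    name = record_name(env["CERTBOT_DOMAIN"], zone)
    body = [{"data": env["CERTBOT_VALIDATION"], "ttl": 600}]
    return urllib.request.Request(
        f"{API}/domains/{zone}/records/TXT/{name}",
        data=json.dumps(body).encode(),
        method="PUT",
        headers={
            # Key and secret come from the environment, never from the script.
            "Authorization": f"sso-key {env['GODADDY_KEY']}:{env['GODADDY_SECRET']}",
            "Content-Type": "application/json",
        },
    )


if __name__ == "__main__":
    try:
        with urllib.request.urlopen(build_request(dict(os.environ)), timeout=30) as r:
            print(f"TXT record published, HTTP {r.status}")
        # Give the record time to reach the authoritative servers before validation.
        time.sleep(int(os.environ.get("PROPAGATION_WAIT", "60")))
    except (KeyError, ValueError, OSError) as exc:
        sys.exit(f"auth hook failed: {exc}")  # report failure with a non-zero exit
```

Pass it to the same command as `--manual-auth-hook "python godaddy_auth_hook.py"`. Because the PUT replaces the whole TXT record set for that name, a certificate covering both `altgr.in` and `*.altgr.in` would need both validation values published together.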

