Letsencrypt

From DWIKI

Free SSL certificates

 

Links

HOWTO

Disable auto renewal

Rename renewal file'

/etc/letsencrypt/renewal/example.com.conf.disabled

or in /etc/letsencrypt/renewal/example.com.conf under [renewalparams] add:

autorenew = False

Update cert(s)

certbot

Remove certs/domain

certbot delete --cert-name www.example.com

With and without www

certbot --apache -d example.com -d www.example.com


Allow access to non-root user

setfacl -R -m u:someuser:rX /etc/letsencrypt/{live,archive}/example.org, and then
setfacl -m u:someuser:rX /etc/letsencrypt/{live,archive}

FAQ

Certbot Error messages

This website does not supply ownership information.

sod that


archive directory exists

Maybe you're using SNI, try

certbot --apache -d "www.example.com,example"


Failed to parse: https://acme-v02.api.letsencrypt.org/directory

Most likely your system is using an old urllib3, which relies on python3-six. If Ubuntu: switch to Certbot using snap