Latest revision as of 13:53, 20 November 2025

Free SSL certificates

Links

HOWTO

Disable auto renewal

Rename renewal file'

/etc/letsencrypt/renewal/example.com.conf.disabled

or in /etc/letsencrypt/renewal/example.com.conf under [renewalparams] add:

autorenew = False

Update cert(s)

certbot

Remove certs/domain

certbot delete --cert-name www.example.com

or run

certbot delete

Which might throw 'Another instance of Certbot is already running.', in that case

systemctl stop certbot

and remember to start it again if you need it

Restart service after renewal

In etc/letsencrypt/renewal/example.com.conf under [renewalparams] add

renew_hook = systemctl reload dovecot

With and without www

certbot --apache -d example.com -d www.example.com

Allow access to non-root user

setfacl -R -m u:someuser:rX /etc/letsencrypt/{live,archive}/example.org, and then
setfacl -m u:someuser:rX /etc/letsencrypt/{live,archive}

FAQ

Certbot Error messages

This website does not supply ownership information.

sod that

archive directory exists

Maybe you're using SNI, try

certbot --apache -d "www.example.com,example"

Failed to parse: https://acme-v02.api.letsencrypt.org/directory

Most likely your system is using an old urllib3, which relies on python3-six. If Ubuntu: switch to Certbot using snap

@@ Line 1: / Line 1: @@
 Free SSL certificates
+&nbsp;
 = Links =
 *[https://letsencrypt.org/ Homepages]
-*https://certbot.eff.org/all-instructions
+*[https://certbot.eff.org/instructions Certbot instructions]
+*[https://github.com/go-acme/lego LEGO]
+=HOWTO=
+==Disable auto renewal==
+Rename renewal file'
+ /etc/letsencrypt/renewal/example.com.conf.disabled
+or in '''/etc/letsencrypt/renewal/example.com.conf''' under '''[renewalparams]''' add:
+ autorenew = False
+== Update cert(s) ==
-=FAQ=
-==Update cert(s)==
   certbot
+==Remove certs/domain==
+ certbot delete --cert-name www.example.com
+or run
+ certbot delete
+Which might throw 'Another instance of Certbot is already running.', in that case
+ systemctl stop certbot
+and remember to start it again if you need it
+== Restart service after renewal ==
+In '''etc/letsencrypt/renewal/example.com.conf''' under '''[renewalparams]''' add
+ renew_hook = systemctl reload dovecot
+==With and without www==
+ certbot --apache -d example.com -d www.example.com
+==Allow access to non-root user==
+ setfacl -R -m u:someuser:rX /etc/letsencrypt/{live,archive}/example.org, and then
+ setfacl -m u:someuser:rX /etc/letsencrypt/{live,archive}
+= FAQ =
+==Certbot Error messages==
+===This website does not supply ownership information.===
+sod that
+===archive directory exists===
+Maybe you're using SNI, try
+ certbot --apache -d "www.example.com,example"
+===Failed to parse: https://acme-v02.api.letsencrypt.org/directory===
+Most likely your system is using an old urllib3, which relies on python3-six.
+If Ubuntu: switch to [https://community.letsencrypt.org/t/how-to-upgrade-certbot-installed-using-snap-on-ubuntu-20-04/187515/3 Certbot using snap]

Anonymous

Search

Letsencrypt: Difference between revisions

Namespaces

More

Page actions

Latest revision as of 13:53, 20 November 2025

Contents

Links

HOWTO

Disable auto renewal

Update cert(s)

Remove certs/domain

Restart service after renewal

With and without www

Allow access to non-root user

FAQ

Certbot Error messages

This website does not supply ownership information.

archive directory exists

Failed to parse: https://acme-v02.api.letsencrypt.org/directory

Navigation

Navigation

Wiki tools

Wiki tools

Anonymous

Search

Letsencrypt: Difference between revisions

Latest revision as of 13:53, 20 November 2025

Links

HOWTO

Disable auto renewal

Update cert(s)

Remove certs/domain

Restart service after renewal

With and without www

Allow access to non-root user

FAQ

Certbot Error messages

This website does not supply ownership information.

archive directory exists

Failed to parse: https://acme-v02.api.letsencrypt.org/directory

Navigation

Wiki tools

Page tools