Difference between revisions of "Template:Let’s Encrypt/New Cert Command"

From wiki
(Rename script)
(Sudo + update certbot output)
Line 32: Line 32:
 
</noinclude><includeonly>{{#tag:syntaxhighlight|
 
</noinclude><includeonly>{{#tag:syntaxhighlight|
 
{{#if: {{{beforeCommand|}}} | {{{beforeCommand}}} }}
 
{{#if: {{{beforeCommand|}}} | {{{beforeCommand}}} }}
# /usr/local/sbin/certmanage
+
$ sudo /usr/local/sbin/certmanage
 
Renewing certificate for {{{domain}}} that will expire on 0001-01-01
 
Renewing certificate for {{{domain}}} that will expire on 0001-01-01
  
 
+
Saving debug log to /var/log/letsencrypt/letsencrypt.log
 +
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
 +
Obtaining a new certificate
 +
Performing the following challenges:
 +
http-01 challenge for {{{domain}}}
 +
Using the webroot path /var/www/acme-challenge for all unmatched domains.
 +
Waiting for verification...
 +
Cleaning up challenges
 +
Generating key (2048 bits): /etc/letsencrypt/keys/1764_key-certbot.pem
 +
Creating CSR: /etc/letsencrypt/csr/1764_csr-certbot.pem
  
 
IMPORTANT NOTES:
 
IMPORTANT NOTES:
 
  - Congratulations! Your certificate and chain have been saved at
 
  - Congratulations! Your certificate and chain have been saved at
   /etc/letsencrypt/live/{{{domain}}}/fullchain.pem. Your
+
   /etc/letsencrypt/live/{{{domain}}}/fullchain.pem. Your cert
   cert will expire on {{#time: Y-m-d | now + 90 day}}. To obtain a new version of the
+
   will expire on {{#time: Y-m-d | now + 90 day}}. To obtain a new or tweaked version of
   certificate in the future, simply run Let's Encrypt again.
+
   this certificate in the future, simply run certbot again. To
  - If you like Let's Encrypt, please consider supporting our work by:
+
  non-interactively renew *all* of your certificates, run "certbot
 +
  renew"
 +
  - If you like Certbot, please consider supporting our work by:
  
 
   Donating to ISRG / Let's Encrypt:  https://letsencrypt.org/donate
 
   Donating to ISRG / Let's Encrypt:  https://letsencrypt.org/donate

Revision as of 11:41, 11 December 2016

Description

Show Let’s Encrypt command to create a new certificate

Template parameters

ParameterDescriptionTypeStatus
Domaindomain

For wich domain will you certificate be issued

Example
wiki.example.com
Stringrequired
Commandcommand

Command to be run after certificate creation

Example
service nginx restart
Stringrequired
Before CommandbeforeCommand

Command to be run before getting the certificate

Example
# service nginx reload
Stringoptional

Example

{{Let’s Encrypt/New Cert Command|domain=example.com|command=service nginx reload}}

$ sudo /usr/local/sbin/certmanage
Renewing certificate for example.com that will expire on 0001-01-01

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for example.com
Using the webroot path /var/www/acme-challenge for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/1764_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/1764_csr-certbot.pem

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at
   /etc/letsencrypt/live/example.com/fullchain.pem. Your cert
   will expire on 2025-02-19. To obtain a new or tweaked version of
   this certificate in the future, simply run certbot again. To
   non-interactively renew *all* of your certificates, run "certbot
   renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

Restarting services:
service nginx reload