Code: Select all
wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto
Then, the command to use the manual plugin will look something like this:
Code: Select all
./certbot-auto certonly --manual -d *.example.com -d example.com --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory
If succeed you will see message below:
Then you can simply change extension of the privkey.pem to privkey.key; cert.pem to cert.crt; chain.pem to chain.crt;
What is returned by the ACME protocol is basically the fullchain.pem file. It’s the signed certificate plus one or more certificates that make up the issuing CA chain. So you then just split that out into cert.pem (the first cert in the file) and chain.pem (the rest of the file). It’s a plain text file and you should be able to see the cert delineations fairly easily.
You’re correct that privkey.pem is the private key you already used to sign the cert request.
Source:
https://community.letsencrypt.org/t/get ... tbot/56285
https://lists.centos.org/pipermail/cent ... 29876.html
https://habr.com/ru/post/413017/
https://stackoverflow.com/questions/137 ... rt-and-key
https://support.code42.com/Administrato ... a_keystore
https://stackoverflow.com/questions/503 ... om-scratch
https://community.letsencrypt.org/t/gen ... cate/78376