All Instructions
- Apache on Web Hosting Service
- Nginx on Web Hosting Service
- Haproxy on Web Hosting Service
- Plesk on Web Hosting Service
- None of the above on Web Hosting Service
- Apache on Debian 7 (wheezy)
- Nginx on Debian 7 (wheezy)
- Haproxy on Debian 7 (wheezy)
- Plesk on Debian 7 (wheezy)
- None of the above on Debian 7 (wheezy)
- Apache on Debian 8 (jessie)
- Nginx on Debian 8 (jessie)
- Haproxy on Debian 8 (jessie)
- Plesk on Debian 8 (jessie)
- None of the above on Debian 8 (jessie)
- Apache on Debian 9 (stretch)
- Nginx on Debian 9 (stretch)
- Haproxy on Debian 9 (stretch)
- Plesk on Debian 9 (stretch)
- None of the above on Debian 9 (stretch)
- Apache on Debian testing/unstable
- Nginx on Debian testing/unstable
- Haproxy on Debian testing/unstable
- Plesk on Debian testing/unstable
- None of the above on Debian testing/unstable
- Apache on Debian (other)
- Nginx on Debian (other)
- Haproxy on Debian (other)
- Plesk on Debian (other)
- None of the above on Debian (other)
- Apache on Ubuntu 17.04 (zesty)
- Nginx on Ubuntu 17.04 (zesty)
- Haproxy on Ubuntu 17.04 (zesty)
- Plesk on Ubuntu 17.04 (zesty)
- None of the above on Ubuntu 17.04 (zesty)
- Apache on Ubuntu 16.10 (yakkety)
- Nginx on Ubuntu 16.10 (yakkety)
- Haproxy on Ubuntu 16.10 (yakkety)
- Plesk on Ubuntu 16.10 (yakkety)
- None of the above on Ubuntu 16.10 (yakkety)
- Apache on Ubuntu 16.04 (xenial)
- Nginx on Ubuntu 16.04 (xenial)
- Haproxy on Ubuntu 16.04 (xenial)
- Plesk on Ubuntu 16.04 (xenial)
- None of the above on Ubuntu 16.04 (xenial)
- Apache on Ubuntu 14.04 (trusty)
- Nginx on Ubuntu 14.04 (trusty)
- Haproxy on Ubuntu 14.04 (trusty)
- Plesk on Ubuntu 14.04 (trusty)
- None of the above on Ubuntu 14.04 (trusty)
- Apache on Ubuntu (other)
- Nginx on Ubuntu (other)
- Haproxy on Ubuntu (other)
- Plesk on Ubuntu (other)
- None of the above on Ubuntu (other)
- Apache on Gentoo
- Nginx on Gentoo
- Haproxy on Gentoo
- Plesk on Gentoo
- None of the above on Gentoo
- Apache on Arch Linux
- Nginx on Arch Linux
- Haproxy on Arch Linux
- Plesk on Arch Linux
- None of the above on Arch Linux
- Apache on Fedora 24+
- Nginx on Fedora 24+
- Haproxy on Fedora 24+
- Plesk on Fedora 24+
- None of the above on Fedora 24+
- Apache on CentOS 6
- Nginx on CentOS 6
- Haproxy on CentOS 6
- Plesk on CentOS 6
- None of the above on CentOS 6
- Apache on RHEL 6
- Nginx on RHEL 6
- Haproxy on RHEL 6
- Plesk on RHEL 6
- None of the above on RHEL 6
- Apache on CentOS/RHEL 7
- Nginx on CentOS/RHEL 7
- Haproxy on CentOS/RHEL 7
- Plesk on CentOS/RHEL 7
- None of the above on CentOS/RHEL 7
- Apache on FreeBSD
- Nginx on FreeBSD
- Haproxy on FreeBSD
- Plesk on FreeBSD
- None of the above on FreeBSD
- Apache on OpenBSD 5.9
- Nginx on OpenBSD 5.9
- Haproxy on OpenBSD 5.9
- Plesk on OpenBSD 5.9
- None of the above on OpenBSD 5.9
- Apache on OpenBSD 6.0+
- Nginx on OpenBSD 6.0+
- Haproxy on OpenBSD 6.0+
- Plesk on OpenBSD 6.0+
- None of the above on OpenBSD 6.0+
- Apache on OpenBSD (other)
- Nginx on OpenBSD (other)
- Haproxy on OpenBSD (other)
- Plesk on OpenBSD (other)
- None of the above on OpenBSD (other)
- Apache on macOS
- Nginx on macOS
- Haproxy on macOS
- Plesk on macOS
- None of the above on macOS
- Apache on Devuan Jessie 1.0
- Nginx on Devuan Jessie 1.0
- Haproxy on Devuan Jessie 1.0
- Plesk on Devuan Jessie 1.0
- None of the above on Devuan Jessie 1.0
- Apache on Devuan (other)
- Nginx on Devuan (other)
- Haproxy on Devuan (other)
- Plesk on Devuan (other)
- None of the above on Devuan (other)
- Apache on Other UNIX
- Nginx on Other UNIX
- Haproxy on Other UNIX
- Plesk on Other UNIX
- None of the above on Other UNIX
- Apache on Non-UNIX
- Nginx on Non-UNIX
- Haproxy on Non-UNIX
- Plesk on Non-UNIX
- None of the above on Non-UNIX
Apache on Web Hosting Service
Automated Install
Automated Get Started
If you have administrative shell access to your webserver and you're comfortable running commands on the command line, please select your server software and the operating system it is running from the dropdown menu above. If you don't have these privileges on your webserver or you're not familiar with command line server administration, Certbot probably isn't the best option to enable HTTPS on your site. Instead, you should check if your hosting provider has built-in Let's Encrypt support by contacting them or checking this list of supporting providers.
If your hosting provider doesn't provide built-in Let's Encrypt support, you should ask them to add it! Dozens of providers, with millions of customers, conveniently allow their users to obtain Let's Encrypt certificates automatically. Let's Encrypt works hard to make adding this support as easy possible and it is one of the easiest and best ways for users to increase the security of their websites.
Advanced Install
Advanced Get Started
If you have administrative shell access to your webserver and you're comfortable running commands on the command line, please select your server software and the operating system it is running from the dropdown menu above. If you don't have these privileges on your webserver or you're not familiar with command line server administration, Certbot probably isn't the best option to enable HTTPS on your site. Instead, you should check if your hosting provider has built-in Let's Encrypt support by contacting them or checking this list of supporting providers.
If your hosting provider doesn't provide built-in Let's Encrypt support, you should ask them to add it! Dozens of providers, with millions of customers, conveniently allow their users to obtain Let's Encrypt certificates automatically. Let's Encrypt works hard to make adding this support as easy possible and it is one of the easiest and best ways for users to increase the security of their websites.
Back to topNginx on Web Hosting Service
Automated Install
Automated Get Started
If you have administrative shell access to your webserver and you're comfortable running commands on the command line, please select your server software and the operating system it is running from the dropdown menu above. If you don't have these privileges on your webserver or you're not familiar with command line server administration, Certbot probably isn't the best option to enable HTTPS on your site. Instead, you should check if your hosting provider has built-in Let's Encrypt support by contacting them or checking this list of supporting providers.
If your hosting provider doesn't provide built-in Let's Encrypt support, you should ask them to add it! Dozens of providers, with millions of customers, conveniently allow their users to obtain Let's Encrypt certificates automatically. Let's Encrypt works hard to make adding this support as easy possible and it is one of the easiest and best ways for users to increase the security of their websites.
Advanced Install
Advanced Get Started
If you have administrative shell access to your webserver and you're comfortable running commands on the command line, please select your server software and the operating system it is running from the dropdown menu above. If you don't have these privileges on your webserver or you're not familiar with command line server administration, Certbot probably isn't the best option to enable HTTPS on your site. Instead, you should check if your hosting provider has built-in Let's Encrypt support by contacting them or checking this list of supporting providers.
If your hosting provider doesn't provide built-in Let's Encrypt support, you should ask them to add it! Dozens of providers, with millions of customers, conveniently allow their users to obtain Let's Encrypt certificates automatically. Let's Encrypt works hard to make adding this support as easy possible and it is one of the easiest and best ways for users to increase the security of their websites.
Back to topHaproxy on Web Hosting Service
Automated Install
Automated Get Started
If you have administrative shell access to your webserver and you're comfortable running commands on the command line, please select your server software and the operating system it is running from the dropdown menu above. If you don't have these privileges on your webserver or you're not familiar with command line server administration, Certbot probably isn't the best option to enable HTTPS on your site. Instead, you should check if your hosting provider has built-in Let's Encrypt support by contacting them or checking this list of supporting providers.
If your hosting provider doesn't provide built-in Let's Encrypt support, you should ask them to add it! Dozens of providers, with millions of customers, conveniently allow their users to obtain Let's Encrypt certificates automatically. Let's Encrypt works hard to make adding this support as easy possible and it is one of the easiest and best ways for users to increase the security of their websites.
Advanced Install
Advanced Get Started
If you have administrative shell access to your webserver and you're comfortable running commands on the command line, please select your server software and the operating system it is running from the dropdown menu above. If you don't have these privileges on your webserver or you're not familiar with command line server administration, Certbot probably isn't the best option to enable HTTPS on your site. Instead, you should check if your hosting provider has built-in Let's Encrypt support by contacting them or checking this list of supporting providers.
If your hosting provider doesn't provide built-in Let's Encrypt support, you should ask them to add it! Dozens of providers, with millions of customers, conveniently allow their users to obtain Let's Encrypt certificates automatically. Let's Encrypt works hard to make adding this support as easy possible and it is one of the easiest and best ways for users to increase the security of their websites.
Back to topPlesk on Web Hosting Service
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Web Hosting Service
Automated Install
Automated Get Started
If you have administrative shell access to your webserver and you're comfortable running commands on the command line, please select your server software and the operating system it is running from the dropdown menu above. If you don't have these privileges on your webserver or you're not familiar with command line server administration, Certbot probably isn't the best option to enable HTTPS on your site. Instead, you should check if your hosting provider has built-in Let's Encrypt support by contacting them or checking this list of supporting providers.
If your hosting provider doesn't provide built-in Let's Encrypt support, you should ask them to add it! Dozens of providers, with millions of customers, conveniently allow their users to obtain Let's Encrypt certificates automatically. Let's Encrypt works hard to make adding this support as easy possible and it is one of the easiest and best ways for users to increase the security of their websites.
Advanced Install
Advanced Get Started
If you have administrative shell access to your webserver and you're comfortable running commands on the command line, please select your server software and the operating system it is running from the dropdown menu above. If you don't have these privileges on your webserver or you're not familiar with command line server administration, Certbot probably isn't the best option to enable HTTPS on your site. Instead, you should check if your hosting provider has built-in Let's Encrypt support by contacting them or checking this list of supporting providers.
If your hosting provider doesn't provide built-in Let's Encrypt support, you should ask them to add it! Dozens of providers, with millions of customers, conveniently allow their users to obtain Let's Encrypt certificates automatically. Let's Encrypt works hard to make adding this support as easy possible and it is one of the easiest and best ways for users to increase the security of their websites.
Back to topApache on Debian 7 (wheezy)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Debian 7 (wheezy)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Debian 7 (wheezy)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Debian 7 (wheezy)
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Debian 7 (wheezy)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Debian 8 (jessie)
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Jessie backports repo, if you have not already done so. Then run:
$ sudo apt-get install python-certbot-apache -t jessie-backports
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Jessie backports repo, if you have not already done so. Then run:
$ sudo apt-get install python-certbot-apache -t jessie-backports
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Debian 8 (jessie)
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Jessie backports repo, if you have not already done so. Then run:
$ sudo apt-get install certbot -t jessie-backports
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Jessie backports repo, if you have not already done so. Then run:
$ sudo apt-get install certbot -t jessie-backports
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Debian 8 (jessie)
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Jessie backports repo, if you have not already done so. Then run:
$ sudo apt-get install certbot -t jessie-backports
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Jessie backports repo, if you have not already done so. Then run:
$ sudo apt-get install certbot -t jessie-backports
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Debian 8 (jessie)
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Debian 8 (jessie)
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Jessie backports repo, if you have not already done so. Then run:
$ sudo apt-get install certbot -t jessie-backports
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Jessie backports repo, if you have not already done so. Then run:
$ sudo apt-get install certbot -t jessie-backports
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Debian 9 (stretch)
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Stretch backports repo, if you have not already done so. Then run:
$ sudo apt-get install python-certbot-apache -t stretch-backports
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Stretch backports repo, if you have not already done so. Then run:
$ sudo apt-get install python-certbot-apache -t stretch-backports
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Debian 9 (stretch)
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Stretch backports repo, if you have not already done so. Then run:
$ sudo apt-get install python-certbot-nginx -t stretch-backports
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Stretch backports repo, if you have not already done so. Then run:
$ sudo apt-get install python-certbot-nginx -t stretch-backports
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Debian 9 (stretch)
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Stretch backports repo, if you have not already done so. Then run:
$ sudo apt-get install certbot -t stretch-backports
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Stretch backports repo, if you have not already done so. Then run:
$ sudo apt-get install certbot -t stretch-backports
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Debian 9 (stretch)
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Debian 9 (stretch)
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Stretch backports repo, if you have not already done so. Then run:
$ sudo apt-get install certbot -t stretch-backports
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to follow the instructions here to enable the Stretch backports repo, if you have not already done so. Then run:
$ sudo apt-get install certbot -t stretch-backports
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Debian testing/unstable
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install python-certbot-apache
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install python-certbot-apache
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Debian testing/unstable
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install python-certbot-nginx
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install python-certbot-nginx
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Debian testing/unstable
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Debian testing/unstable
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Debian testing/unstable
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Debian (other)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Debian (other)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Debian (other)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Debian (other)
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Debian (other)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Ubuntu 17.04 (zesty)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-apache
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-apache
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Ubuntu 17.04 (zesty)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-nginx
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-nginx
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Ubuntu 17.04 (zesty)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Ubuntu 17.04 (zesty)
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Ubuntu 17.04 (zesty)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Ubuntu 16.10 (yakkety)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-apache
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-apache
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Ubuntu 16.10 (yakkety)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-nginx
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-nginx
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Ubuntu 16.10 (yakkety)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Ubuntu 16.10 (yakkety)
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Ubuntu 16.10 (yakkety)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Ubuntu 16.04 (xenial)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-apache
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-apache
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Ubuntu 16.04 (xenial)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-nginx
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-nginx
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Ubuntu 16.04 (xenial)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Ubuntu 16.04 (xenial)
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Ubuntu 16.04 (xenial)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Ubuntu 14.04 (trusty)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-apache
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-apache
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Ubuntu 14.04 (trusty)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-nginx
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-nginx
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Ubuntu 14.04 (trusty)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Ubuntu 14.04 (trusty)
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Ubuntu 14.04 (trusty)
Automated Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you'll need to do is apt-get the following packages.
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Ubuntu (other)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Ubuntu (other)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Ubuntu (other)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Ubuntu (other)
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Ubuntu (other)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Gentoo
Automated Install
Install
The Certbot client is available in Gentoo Portage. (Run the package-management commands below with sudo if not running as root.)
$ emerge -av app-crypt/certbot-apache
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
The Certbot client is available in Gentoo Portage. (Run the package-management commands below with sudo if not running as root.)
$ emerge -av app-crypt/certbot-apache
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Gentoo
Automated Install
Install
The Certbot client is available in Gentoo Portage. (Run the package-management commands below with sudo if not running as root.)
$ emerge -av app-crypt/certbot-nginx
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
The Certbot client is available in Gentoo Portage. (Run the package-management commands below with sudo if not running as root.)
$ emerge -av app-crypt/certbot-nginx
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Gentoo
Automated Install
Install
The Certbot client is available in Gentoo Portage. (Run the package-management commands below with sudo if not running as root.)
$ emerge -av app-crypt/certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
The Certbot client is available in Gentoo Portage. (Run the package-management commands below with sudo if not running as root.)
$ emerge -av app-crypt/certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Gentoo
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Gentoo
Automated Install
Install
The Certbot client is available in Gentoo Portage. (Run the package-management commands below with sudo if not running as root.)
$ emerge -av app-crypt/certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
The Certbot client is available in Gentoo Portage. (Run the package-management commands below with sudo if not running as root.)
$ emerge -av app-crypt/certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Arch Linux
Automated Install
Install
Run these steps to install the Certbot client.
$ sudo pacman -S certbot-apache
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Run these steps to install the Certbot client.
$ sudo pacman -S certbot-apache
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Arch Linux
Automated Install
Install
Run these steps to install the Certbot client.
$ sudo pacman -S certbot-nginx
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Run these steps to install the Certbot client.
$ sudo pacman -S certbot-nginx
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Arch Linux
Automated Install
Install
Run these steps to install the Certbot client.
$ sudo pacman -S certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Run these steps to install the Certbot client.
$ sudo pacman -S certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Arch Linux
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Arch Linux
Automated Install
Install
Run these steps to install the Certbot client.
$ sudo pacman -S certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Run these steps to install the Certbot client.
$ sudo pacman -S certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Fedora 24+
Automated Install
Install
Certbot is packaged for your OS, so to install it simply run the following command:
$ sudo dnf install certbot-apache
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Certbot is packaged for your OS, so to install it simply run the following command:
$ sudo dnf install certbot-apache
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Fedora 24+
Automated Install
Install
Certbot is packaged for your OS, so to install it simply run the following command:
$ sudo dnf install certbot-nginx
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Certbot is packaged for your OS, so to install it simply run the following command:
$ sudo dnf install certbot-nginx
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Fedora 24+
Automated Install
Install
Certbot is packaged for your OS, so to install it simply run the following command:
$ sudo dnf install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Certbot is packaged for your OS, so to install it simply run the following command:
$ sudo dnf install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Fedora 24+
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Fedora 24+
Automated Install
Install
Certbot is packaged for your OS, so to install it simply run the following command:
$ sudo dnf install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Certbot is packaged for your OS, so to install it simply run the following command:
$ sudo dnf install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on CentOS 6
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on CentOS 6
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on CentOS 6
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on CentOS 6
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on CentOS 6
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on RHEL 6
Automated Install
Install
Not all of Certbot's dependencies are available in the standard repositories. To use Certbot, you must first enable the EPEL (Extra Packages for Enterprise Linux) repository.
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Not all of Certbot's dependencies are available in the standard repositories. To use Certbot, you must first enable the EPEL (Extra Packages for Enterprise Linux) repository.
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on RHEL 6
Automated Install
Install
Not all of Certbot's dependencies are available in the standard repositories. To use Certbot, you must first enable the EPEL (Extra Packages for Enterprise Linux) repository.
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Not all of Certbot's dependencies are available in the standard repositories. To use Certbot, you must first enable the EPEL (Extra Packages for Enterprise Linux) repository.
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on RHEL 6
Automated Install
Install
Not all of Certbot's dependencies are available in the standard repositories. To use Certbot, you must first enable the EPEL (Extra Packages for Enterprise Linux) repository.
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Not all of Certbot's dependencies are available in the standard repositories. To use Certbot, you must first enable the EPEL (Extra Packages for Enterprise Linux) repository.
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on RHEL 6
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on RHEL 6
Automated Install
Install
Not all of Certbot's dependencies are available in the standard repositories. To use Certbot, you must first enable the EPEL (Extra Packages for Enterprise Linux) repository.
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Not all of Certbot's dependencies are available in the standard repositories. To use Certbot, you must first enable the EPEL (Extra Packages for Enterprise Linux) repository.
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on CentOS/RHEL 7
Automated Install
Install
Certbot is packaged in EPEL (Extra Packages for Enterprise Linux). To use Certbot, you must first enable the EPEL repository. On RHEL or Oracle Linux, you must also enable the optional channel.
After doing this, you can install Certbot by running:
$ sudo yum install certbot-apache
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Certbot is packaged in EPEL (Extra Packages for Enterprise Linux). To use Certbot, you must first enable the EPEL repository. On RHEL or Oracle Linux, you must also enable the optional channel.
After doing this, you can install Certbot by running:
$ sudo yum install certbot-apache
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on CentOS/RHEL 7
Automated Install
Install
Certbot is packaged in EPEL (Extra Packages for Enterprise Linux). To use Certbot, you must first enable the EPEL repository. On RHEL or Oracle Linux, you must also enable the optional channel.
After doing this, you can install Certbot by running:
$ sudo yum install certbot-nginx
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Certbot is packaged in EPEL (Extra Packages for Enterprise Linux). To use Certbot, you must first enable the EPEL repository. On RHEL or Oracle Linux, you must also enable the optional channel.
After doing this, you can install Certbot by running:
$ sudo yum install certbot-nginx
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on CentOS/RHEL 7
Automated Install
Install
Certbot is packaged in EPEL (Extra Packages for Enterprise Linux). To use Certbot, you must first enable the EPEL repository. On RHEL or Oracle Linux, you must also enable the optional channel.
After doing this, you can install Certbot by running:
$ sudo yum install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Certbot is packaged in EPEL (Extra Packages for Enterprise Linux). To use Certbot, you must first enable the EPEL repository. On RHEL or Oracle Linux, you must also enable the optional channel.
After doing this, you can install Certbot by running:
$ sudo yum install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on CentOS/RHEL 7
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on CentOS/RHEL 7
Automated Install
Install
Certbot is packaged in EPEL (Extra Packages for Enterprise Linux). To use Certbot, you must first enable the EPEL repository. On RHEL or Oracle Linux, you must also enable the optional channel.
After doing this, you can install Certbot by running:
$ sudo yum install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Certbot is packaged in EPEL (Extra Packages for Enterprise Linux). To use Certbot, you must first enable the EPEL repository. On RHEL or Oracle Linux, you must also enable the optional channel.
After doing this, you can install Certbot by running:
$ sudo yum install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on FreeBSD
Automated Install
Install
Run these steps to install the Certbot client.
Port:
$ cd /usr/ports/security/py-certbot && make install clean
Package:
pkg install py27-certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Run these steps to install the Certbot client.
Port:
$ cd /usr/ports/security/py-certbot && make install clean
Package:
pkg install py27-certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on FreeBSD
Automated Install
Install
Run these steps to install the Certbot client.
Port:
$ cd /usr/ports/security/py-certbot && make install clean
Package:
pkg install py27-certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Run these steps to install the Certbot client.
Port:
$ cd /usr/ports/security/py-certbot && make install clean
Package:
pkg install py27-certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on FreeBSD
Automated Install
Install
Run these steps to install the Certbot client.
Port:
$ cd /usr/ports/security/py-certbot && make install clean
Package:
pkg install py27-certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Run these steps to install the Certbot client.
Port:
$ cd /usr/ports/security/py-certbot && make install clean
Package:
pkg install py27-certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on FreeBSD
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on FreeBSD
Automated Install
Install
Run these steps to install the Certbot client.
Port:
$ cd /usr/ports/security/py-certbot && make install clean
Package:
pkg install py27-certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Run these steps to install the Certbot client.
Port:
$ cd /usr/ports/security/py-certbot && make install clean
Package:
pkg install py27-certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on OpenBSD 5.9
Automated Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add letsencrypt
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo letsencrypt certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo letsencrypt certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo letsencrypt certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo letsencrypt renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
letsencrypt renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && letsencrypt renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add letsencrypt
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo letsencrypt certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo letsencrypt certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo letsencrypt certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo letsencrypt renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
letsencrypt renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && letsencrypt renew
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on OpenBSD 5.9
Automated Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add letsencrypt
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo letsencrypt certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo letsencrypt certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo letsencrypt certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo letsencrypt renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
letsencrypt renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && letsencrypt renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add letsencrypt
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo letsencrypt certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo letsencrypt certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo letsencrypt certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo letsencrypt renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
letsencrypt renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && letsencrypt renew
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on OpenBSD 5.9
Automated Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add letsencrypt
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo letsencrypt certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo letsencrypt certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo letsencrypt certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo letsencrypt renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
letsencrypt renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && letsencrypt renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add letsencrypt
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo letsencrypt certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo letsencrypt certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo letsencrypt certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo letsencrypt renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
letsencrypt renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && letsencrypt renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on OpenBSD 5.9
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on OpenBSD 5.9
Automated Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add letsencrypt
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo letsencrypt certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo letsencrypt certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo letsencrypt certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo letsencrypt renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
letsencrypt renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && letsencrypt renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add letsencrypt
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo letsencrypt certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo letsencrypt certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo letsencrypt certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo letsencrypt renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
letsencrypt renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && letsencrypt renew
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on OpenBSD 6.0+
Automated Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on OpenBSD 6.0+
Automated Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on OpenBSD 6.0+
Automated Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on OpenBSD 6.0+
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on OpenBSD 6.0+
Automated Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Run these steps to install the Certbot client.
Package:
pkg_add certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on OpenBSD (other)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on OpenBSD (other)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on OpenBSD (other)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on OpenBSD (other)
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on OpenBSD (other)
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on macOS
Automated Install
Install
Certbot is packaged for macOS via Homebrew. We recommend that you follow the official instructions for installing Homebrew, and then run this command to get the certbot package:
$ brew install certbot
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Certbot is packaged for macOS via Homebrew. We recommend that you follow the official instructions for installing Homebrew, and then run this command to get the certbot package:
$ brew install certbot
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on macOS
Automated Install
Install
Certbot is packaged for macOS via Homebrew. We recommend that you follow the official instructions for installing Homebrew, and then run this command to get the certbot package:
$ brew install certbot
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Certbot is packaged for macOS via Homebrew. We recommend that you follow the official instructions for installing Homebrew, and then run this command to get the certbot package:
$ brew install certbot
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on macOS
Automated Install
Install
Certbot is packaged for macOS via Homebrew. We recommend that you follow the official instructions for installing Homebrew, and then run this command to get the certbot package:
$ brew install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Certbot is packaged for macOS via Homebrew. We recommend that you follow the official instructions for installing Homebrew, and then run this command to get the certbot package:
$ brew install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on macOS
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on macOS
Automated Install
Install
Certbot is packaged for macOS via Homebrew. We recommend that you follow the official instructions for installing Homebrew, and then run this command to get the certbot package:
$ brew install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Certbot is packaged for macOS via Homebrew. We recommend that you follow the official instructions for installing Homebrew, and then run this command to get the certbot package:
$ brew install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
certbot renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Devuan Jessie 1.0
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to enable the Jessie backports repo by creating this file. Then run:
$ sudo apt-get install python-certbot-apache -t jessie-backports
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to enable the Jessie backports repo by creating this file. Then run:
$ sudo apt-get install python-certbot-apache -t jessie-backports
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Devuan Jessie 1.0
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to enable the Jessie backports repo by creating this file. Then run:
$ sudo apt-get install certbot -t jessie-backports
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to enable the Jessie backports repo by creating this file. Then run:
$ sudo apt-get install certbot -t jessie-backports
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Devuan Jessie 1.0
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to enable the Jessie backports repo by creating this file. Then run:
$ sudo apt-get install certbot -t jessie-backports
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to enable the Jessie backports repo by creating this file. Then run:
$ sudo apt-get install certbot -t jessie-backports
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Devuan Jessie 1.0
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Devuan Jessie 1.0
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to enable the Jessie backports repo by creating this file. Then run:
$ sudo apt-get install certbot -t jessie-backports
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
First you'll have to enable the Jessie backports repo by creating this file. Then run:
$ sudo apt-get install certbot -t jessie-backports
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Devuan (other)
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install python-certbot-apache
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install python-certbot-apache
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo certbot --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Devuan (other)
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install certbot
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install certbot
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo certbot --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo certbot --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Devuan (other)
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Devuan (other)
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Devuan (other)
Automated Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install certbot
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since Certbot is packaged for your system, all you'll need to do is apt-get the following packages.
$ sudo apt-get install certbot
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo certbot certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo certbot certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo certbot certonly --standalone -d example.com -d www.example.com
Automating renewal
The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo certbot renew --dry-run
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Other UNIX
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --apache
Running this command will get a certificate for you and have Certbot edit your Apache configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --apache certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topNginx on Other UNIX
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot has an Nginx plugin, which is supported on many platforms, and automates both obtaining and installing certs:
$ sudo ./path/to/certbot-auto --nginx
Running this command will get a certificate for you and have Certbot edit your Nginx configuration automatically to serve it. If you're feeling more conservative and would like to make the changes to your Nginx configuration by hand, you can use the certonly subcommand:
$ sudo ./path/to/certbot-auto --nginx certonlyTo learn more about how to use Certbot read our documentation.
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topHaproxy on Other UNIX
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet officially support automatic installation you should probably use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Installing a cert in HAProxy
Certificate installation with HAProxy is complicated; you probably want to follow one of these guides.
or
Or you might be interested in using the experimental third-party HAProxy plugin from Greenhost.
Back to topPlesk on Other UNIX
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Other UNIX
Automated Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it installs all of its own dependencies and updates the client code automatically.
Automated Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Advanced Install
Install
Since it doesn't seem like your operating system has a packaged version of Certbot, you should use our certbot-auto script to get a copy:
wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto
certbot-auto accepts the same flags as certbot; it is a wrapper that installs all of its own dependencies and updates the client code automatically.
Advanced Get Started
Certbot supports a number of different “plugins” that can be used to obtain and/or install certificates.
Since your server architecture doesn't yet support automatic installation you'll have to use the certonly command to obtain your certificate.
$ sudo ./path/to/certbot-auto certonly
This will allow you interactively select the plugin and options used to obtain your certificate. If you already have a webserver running, we recommend choosing the "webroot" plugin.
Alternatively, you can specify more information on the command line.
To obtain a cert using the "webroot" plugin, which can work with the webroot directory of any webserver software:
$ sudo ./path/to/certbot-auto certonly --webroot -w /var/www/example -d example.com -d www.example.com -w /var/www/thing -d thing.is -d m.thing.is
This command will obtain a single cert for example.com, www.example.com, thing.is, and m.thing.is; it will place files below /var/www/example to prove control of the first two domains, and under /var/www/thing for the second pair.
To obtain a cert using a built-in “standalone” webserver (you may need to temporarily stop your existing webserver, if any) for example.com and www.example.com:
$ sudo ./path/to/certbot-auto certonly --standalone -d example.com -d www.example.com
Automating renewal
Certbot can be configured to renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:
$ sudo ./path/to/certbot-auto renew --dry-runIf that appears to be working correctly, you can arrange for automatic renewal by adding a cron job or systemd timer which runs the following:
./path/to/certbot-auto renew
An example cron job might look like this, which will run at noon and midnight every day:
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && ./path/to/certbot-auto renew
More detailed information and options about renewal can be found in the full documentation.
Back to topApache on Non-UNIX
Automated Install
Automated Get Started
Certbot is currently only available for UNIX-like operating systems. Although EFF's Certbot might not work for your use case, there are many other clients written by other organizations and developers that you may be able to use to obtain a certificate from Let's Encrypt.
Advanced Install
Advanced Get Started
Certbot is currently only available for UNIX-like operating systems. Although EFF's Certbot might not work for your use case, there are many other clients written by other organizations and developers that you may be able to use to obtain a certificate from Let's Encrypt.
Back to topNginx on Non-UNIX
Automated Install
Automated Get Started
Certbot is currently only available for UNIX-like operating systems. Although EFF's Certbot might not work for your use case, there are many other clients written by other organizations and developers that you may be able to use to obtain a certificate from Let's Encrypt.
Advanced Install
Advanced Get Started
Certbot is currently only available for UNIX-like operating systems. Although EFF's Certbot might not work for your use case, there are many other clients written by other organizations and developers that you may be able to use to obtain a certificate from Let's Encrypt.
Back to topHaproxy on Non-UNIX
Automated Install
Automated Get Started
Certbot is currently only available for UNIX-like operating systems. Although EFF's Certbot might not work for your use case, there are many other clients written by other organizations and developers that you may be able to use to obtain a certificate from Let's Encrypt.
Advanced Install
Advanced Get Started
Certbot is currently only available for UNIX-like operating systems. Although EFF's Certbot might not work for your use case, there are many other clients written by other organizations and developers that you may be able to use to obtain a certificate from Let's Encrypt.
Back to topPlesk on Non-UNIX
Automated Install
Automated Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Advanced Install
Advanced Get Started
For Plesk you won't even need to install Certbot. Instead, use the extension already available in Plesk — it will also give you automatic renewal of your certificates out-of-the-box as well! Read more about the extension here.
Back to topNone of the above on Non-UNIX
Automated Install
Automated Get Started
Certbot is currently only available for UNIX-like operating systems. Although EFF's Certbot might not work for your use case, there are many other clients written by other organizations and developers that you may be able to use to obtain a certificate from Let's Encrypt.
Advanced Install
Advanced Get Started
Certbot is currently only available for UNIX-like operating systems. Although EFF's Certbot might not work for your use case, there are many other clients written by other organizations and developers that you may be able to use to obtain a certificate from Let's Encrypt.
Back to top