Create manually just a cert without need of .well-known/acme-challenge/

My domain is:

I ran this command: certbot certonly --manual --preferred-challenges http --agree-tos --register-unsafely-without-email --cert-name wichrowebrody.crt --domain --domain

It produced this output:

I retrieved the certificates but I had to add manually the tokens to .well-known/acme-challenge/. Is there a way to retrieve just a certs (without applying the changes to http server by cerbot) without adding those tokens?

Let’s say I would like to create and renew the cert automatically (if expires soon) but in this scenario I would be forced to again create token files so it won’t be done automatically.

My web server is (include version): apache2/nginx

The operating system my web server runs on is (include version): centos 7

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.39.0

1 Like

Hi @tasiorek27

please read some basics:

Then something about challenge types:

So the answer is: These tokens are required, you have to proof you own the domain name.


Something you might like if you don’t want Certbot to edit your web server configuration is --webroot, where Certbot will create text files within the specified document root containing the tokens, but not edit the web server configuration. This can be automated because Certbot (once it knows the appropriate directory path) can add the appropriate tokens during a renewal without any human intervention.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.