I need to get certificate manually (because I need wildcard certificate) and after that install it to apache.
I run this command:
certbot certonly --manual -d *.amgmedia.ru --agree-tos --no-bootstrap --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory
it works fine but it only GET certificate.
How could I install it after that?
Using certonly only gets the cert and it does nothing else for you.
You would need to do the rest for yourself or rerun the command without certonly.
Maybe try also adding the root domain this time:
certbot --manual -d "*.amgmedia.ru" -d amgmedia.ru --agree-tos --no-bootstrap --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory
1 Like
and also I need to add “-i apache” parameter
after that it works
And what should I do if I need to renew certificate?
Do I need again to update DNS record?
Yeah. You'll need to repeat the process again and go to your apache virtual hosts and change the certificate / key referrence to the matched path...
This is needed because manual certificates without appropriate scripts can't be renewed automatically.
Thank you
So the only way to update is manual?
Yes. Currently, certbot’s renew function is designed to run in timer / cron jobs and complete challenge, update certificates automatically, which does not allow you to manually add DNS entries.(However, this might change in the future.)
If you have an script that could connect to your DNS provider’s API endpoints and automatically update the required DNS records, you could use --manual-auth-hook to specify it.
1 Like
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.