How to create Aqueduct Server key and cert file?


I am developing mobile app and I am using aqueduct server on backend. explains to get cert and pem files from this site. But I don’t know how to apply to get server.key.pem and server.cert.pem?

I am using Ubuntu 18.04 and install the openssl 1.1.1_pre8

Any help please?

Hi @NTMS2017

first you have to start with an ACME-Client, that orders a new certificate. See

If you can use certbot, then you may use the certonly - option to get a certificate without installation.

Then you have two files, you can use these as server.key.pem and server.cert.pem.

Hi, Juergen

what is the best to use for Ubuntu 18.04 Desktop, ACME-Client or certbot?


Certbot is an ACME-Client. So please read first


Thanks Juergen,

Problem is that I don’t use web site domain. Its a local machine with runs the Aqueduct Server via command terminal ( In their website talks about, so does did similar for aqueduct? Or without web site domain how to get cert and pem files?

I install Certbot to my Ubuntu 18.04 and in Certbot site state that " **Certbot’s DNS plugins are also available for your system which can be used to automate obtaining a wildcard certificate from Let’s Encrypt’s ACMEv2 server.**" but I cannot find any plugin for aqueduct server.

I guess only part is to use certonly - option but I am new to Certbot so I have no idea to get any help.

You need a public domain Then there are two challenges (http-01 or dns-01 - validation) and three options:

  1. You create an A-record to your local machine (via dynamic dns or something else), then you can use certbot to spin up a temporary webserver (with the --standalone - option) to validate your ownership of the domain.

  2. Your dns-provider supports an api, so your local certbot uses a plugin to create a special dns text entry. That should work if your local machine is able to create outbound connections.

  3. You create that dns entry manual (using the --manual - option). But you have to repeat that every 60 - 90 day, because Letsencrypt certificates only 90 days valide. So this is painful.

So you can use (3) to test it. But it's not really a solution.

Thank you very much. I will read the User Guide to get solution to my server. Kind Regards

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.