How to use acme.sh with Cloudflare and NameCheap

I'm looking for some direction/help on setting up DNS-01 for a wildcard cert using Namecheap, Cloudflare and of course Let's Encrypt.

From what I'm able to gather, I can use the Cloudflare API for free for wild card certs, utilizing their DNS servers. So I'm trying to establish the necessary steps to do so and could use some help/guidance...

  • Create a free account with Cloudflare
  • Change the default Nameservers on NameCheap to point to the Cloudflare nameservers.
  • Get Cloudflare API Zone Token
  • Install acme.sh on Namecheap
  • ??? Export the API token `export CF_Token=`, will this change unless I update it ???
  • ??? Run a command similar to the following to create the cert ??? `./acme.sh --issue --server letsencrypt --dns dns_cf --keylength ec-384 -d mydomain.com -d '*.mydomain.com' -w /home/mykeys/...` ???
  • For refresh CRONTAB is set, but how do the new keys get utilized ???

Thanks for any insight...

Hi @vbtalent,

Here are a few links that may help

And if NameCheap turns out to be the DNS Name Server provider

2 Likes

If you follow that blog do not use the --ocsp-must-staple option. It is going away starting in January 2025. See the Let's Encrypt post about that: Ending OCSP Support in 2025 - Let's Encrypt

2 Likes

Thanks for the links... looking through the 3rd link for Keyvan's, very helpful, it looks like there are essentially 2 commands being used to get and install.

The first command gets the cert - (less the --ocsp-must-staple)

```
acme.sh --issue --dns dns_cf --keylength ec-384 -d example.com -d '*.example.com'
```

the 2nd installs the cert and restarts the service -

```
acme.sh --install-cert --domain example.com \
  --cert-file /etc/tls/certs/example.com.pem \
  --key-file /etc/tls/keys/example.com.pem \
  --fullchain-file /etc/tls/certs/example.com.fullchain.pem \
  --ca-file /etc/tls/certs/example.com.cabundle.pem \
  --reloadcmd "systemctl reload nginx.service"
```

So will ACME.sh execute both the get and install of the cert when the CRONTAB executes or do they require separate jobs? or... does just updating the cert, perform the necessary steps as it would be overwriting the original cert?

Still a little foggy on the updating process as the cert is renewed..

Thanks,
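Added example, not part of the thread or of the acme.sh project: `--install-cert` records the target paths and the reload command in the domain's conf file, and the single cron job reuses them at each renewal, so auditing that file shows whether renewed keys will actually be deployed. The `Le_*` key names, the base64 wrapper and the sample file contents are assumptions modelled on what acme.sh writes; compare them with your own `~/.acme.sh/<domain>_ecc/<domain>.conf`.

```shell
#!/bin/sh
# Audit an acme.sh domain .conf: will the cron renewal also redeploy the
# key/chain and reload the service? Key names below are assumed (see lead-in).

# conf_value FILE KEY -> prints the stored value, decoding the base64 wrapper
# that acme.sh uses for values such as the reload command.
conf_value() {
  raw=$(sed -n "s/^$2='\(.*\)'\$/\1/p" "$1" | tail -n 1)
  case "$raw" in
    __ACME_BASE64__START_*__ACME_BASE64__END_)
      raw=${raw#__ACME_BASE64__START_}
      raw=${raw%__ACME_BASE64__END_}
      printf '%s' "$raw" | base64 -d ;;
    *) printf '%s' "$raw" ;;
  esac
}

# audit_conf FILE -> one line per setting; returns 0 only when the key path,
# full-chain path and reload command are all recorded.
audit_conf() {
  missing=0
  for key in Le_RealKeyPath Le_RealFullChainPath Le_ReloadCmd; do
    val=$(conf_value "$1" "$key")
    if [ -n "$val" ]; then
      echo "ok      $key = $val"
    else
      echo "MISSING $key (renewal will not deploy this)"
      missing=1
    fi
  done
  return "$missing"
}

# Constructed sample, shaped like ~/.acme.sh/example.com_ecc/example.com.conf
make_sample_conf() {
  cat > "$1" <<'EOF'
Le_Domain='example.com'
Le_Alt='*.example.com'
Le_Webroot='dns_cf'
Le_RealKeyPath='/etc/tls/keys/example.com.pem'
Le_RealFullChainPath='/etc/tls/certs/example.com.fullchain.pem'
Le_ReloadCmd='__ACME_BASE64__START_c3lzdGVtY3RsIHJlbG9hZCBuZ2lueC5zZXJ2aWNl__ACME_BASE64__END_'
EOF
}

# Demo run on the constructed sample.
conf=$(mktemp) && make_sample_conf "$conf" && audit_conf "$conf"; rm -f "$conf"
```

A `MISSING` line means `--install-cert` was never run for that domain, so the cron job would renew the certificate inside `~/.acme.sh` but leave the files the web server reads untouched.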
