Install

• pip install --upgrade setuptools
• cd /usr/local/sbin
• wget https://dl.eff.org/certbot-auto
• chmod a+x certbot-auto
• test -d /etc/apache2/ssl || mkdir /etc/apache2/ssl
• cd /etc/apache2/ssl
• wget https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem

Real Install

• certbot-auto certonly

Dry Run

• certbot-auto renew --dry-run

• /usr/local/sbin/certbot-auto renew --no-self-upgrade --dry-run --force-renewal --pre-hook "systemctl stop apache2.service" --post-hook "systemctl start apache2.service

Apache2 Example

<IfModule mod_ssl.c>
 <VirtualHost _default_:443>
 Servername www.example.com
 SSLCertificateFile /etc/letsencrypt/live/www.example.com/fullchain.pem
 SSLCertificateKeyFile /etc/letsencrypt/live/www.example.com/privkey.pem
 SSLCertificateChainFile /etc/apache2/ssl/lets-encrypt-x3-cross-signed.pem
 Include /etc/letsencrypt/options-ssl-apache.conf
 ...
 ...
 ...

 </VirtualHost>
</IfModule>

Cron Examples

restart service

• /usr/local/sbin/certbot-auto renew --quiet --no-self-upgrade --post-hook "service apache2 restart" >> /var/log/letsencrypt.log 2>&1

stop and start service

• /usr/local/sbin/certbot-auto renew --quiet --no-self-upgrade --pre-hook "service apache2 stop" --post-hook "service apache2 start" >> /var/log/letsencrypt.log 2>&1

specified domain

• /usr/local/sbin/certbot-auto certonly -n --apache -d www.xxxx-xx.de --post-hook --post-hook "service apache2 start"

systemctl

• /usr/local/sbin/certbot-auto renew --no-self-upgrade --pre-hook "systemctl stop apache2.service" --post-hook "systemctl start apache2.service

Don't forget to Backup this Directory because there are you Accountdata

• /etc/letsencrypt

Links

• https://certbot.eff.org/docs/using.html