Portfolio
Projekte u.a.
QVC Tele Shopping
Uni Kliniken Bonn
Arai Helmets
Condomi
Krebsflugtage
Kinderkrebsflugtage
Fliegen mit krebskranken Kindern beim LSG Steinfurt
LSG Steinfurt
EDV Geschichte
EDV
Geschichte
Kontakt
So erreichen Sie uns
Kontakt

Wichtige Sicherheitsinformationen rund um IT-Sicherheit finden Sie hier:

heise Security

und hier

Golem Security

NCLA

MCITP

LPIC

Let's encrypt Wildcard Zertifikat via command line

Details
Kategorie: SSL

Command Line for generating a Wildcard SSL Certificate with Let's Encrypt:

 

certbot certonly --manual --preferred-challenges=dns --email Diese E-Mail-Adresse ist vor Spambots geschützt! Zur Anzeige muss JavaScript eingeschaltet sein. --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d example.com -d *.example.com

 

 Replace example.com with your Domainname.

 

The command options above are explained below:

  • certonly:                                     Obtain or renew a certificate, but do not install
  • –manual:                                    Obtain certificates interactively
  • –preferred-challenges=dns:      Use dns to authenticate domain ownership
  • –server:                                      Specify the endpoint to use to generate
  • –agree-tos:                                 Agree to the ACME server’s subscriber terms
  • -d:                                               Domain name to provide certificates for

After executing the command above, Let’s Encrypt will provide a text string to add a text record to your DNS entry…

Example:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None

-------------------------------------------------------------------------------
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about EFF and
our work to encrypt the web, protect its users and defend digital rights.
-------------------------------------------------------------------------------
(Y)es/(N)o: y
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for example.com

-------------------------------------------------------------------------------
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you're running certbot in manual mode on a machine that is not
your server, please ensure you're okay with that.

Are you OK with your IP being logged?
-------------------------------------------------------------------------------
(Y)es/(N)o: y

-------------------------------------------------------------------------------
Please deploy a DNS TXT record under the name
_acme-challenge.example.com with the following value:

x4MrZ6y-JqFJQRmq_lGi9ReRQHPa1aTC9J2O7wDKzq8

Before continuing, verify the record is deployed.

Go to your DNS provider portal and add a text record for the string above and save…