แสดงความเห็น

วิธีติดตั้ง Wildcard Certificate ของ Letsencrypt ผ่าน certbot แบบติดตั้งเอง บน Ubuntu

  1. ติดตั้ง certbot
    sudo apt install certbot
  2. ใช้ certbot เพื่อติดตั้ง certificate
    sudo certbot certonly --manual --email mail@example.com -d *.example.com

    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator manual, Installer None
    Obtaining a new certificate
    Performing the following challenges:
    dns-01 challenge for example.com
     
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    NOTE: The IP of this machine will be publicly logged as having requested this
    certificate. If you're running certbot in manual mode on a machine that is not
    your server, please ensure you're okay with that.
     
    Are you OK with your IP being logged?
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    (Y)es/(N)o: Y
     
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Please deploy a DNS TXT record under the name
    _acme-challenge.example.com with the following value:
     
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
     
    Before continuing, verify the record is deployed.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Press Enter to Continue
  3. สร้าง TXT record ใน DNS ตั้งชื่อเป็น _acme-challenge แล้วกรอกค่าเป็น xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ตามที่ certbot แสดง จากนั้นกด enter

    Waiting for verification...
    Cleaning up challenges
     
    IMPORTANT NOTES:
     - Congratulations! Your certificate and chain have been saved at:
       /etc/letsencrypt/live/crackerizer.ml/fullchain.pem
       Your key file has been saved at:
       /etc/letsencrypt/live/crackerizer.ml/privkey.pem
       Your cert will expire on 2020-05-16. To obtain a new or tweaked
       version of this certificate in the future, simply run certbot
       again. To non-interactively renew *all* of your certificates, run
       "certbot renew"
     - If you like Certbot, please consider supporting our work by:
     
       Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
       Donating to EFF:                    https://eff.org/donate-le
     
  4. การติดตั้งเสร็จสิ้น

 

(If you're a human, don't change the following field)
Your first name.
(If you're a human, don't change the following field)
Your first name.
(If you're a human, don't change the following field)
Your first name.

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • แท็กคำสั่ง HTML ที่อนุญาตให้ใช้งานได้: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
  • Captions may be specified with [caption caption="Image caption"]<img src="example.png" />[/caption]. Items can be aligned with [caption align="left"].

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.