Using Certbot
Certbot is a client-side tool that uses the Let's Encrypt (ACME) protocol to obtain and renew SSL certificates. It is a free tool that lets you automatically obtain and renew SSL certificates for your domain. The official documentation is available here but the following should be most of what you'll need to know.
Requesting a new certificate
To request a new SSL certificate, first make sure you have your domain name registered and a DNS record set up. Then, run the following command:
certbot --nginx -d node1.pokt.run --register-unsafely-without-email --no-redirect --agree-tos
Listing certificates
To view the certificate(s) you've installed, run the following command:
certbot certificates
Testing the auto-renewal
After creating a certificate with certbot, you can test it by running the following command:
certbot renew --dry-run
Deleting a certificate
There might be a time when you want to delete a certificate. The proper way to do this is to run the following command:
certbot delete --cert-name example.com
# or to choose from a list:
certbot delete