Skip to main content

Using Certbot

Certbot is a client-side tool that uses the Let's Encrypt (ACME) protocol to obtain and renew SSL certificates. It is a free tool that lets you automatically obtain and renew SSL certificates for your domain. The official documentation is available here but the following should be most of what you'll need to know.

Requesting a new certificate

To request a new SSL certificate, first make sure you have your domain name registered and a DNS record set up. Then, run the following command:

certbot --nginx -d --register-unsafely-without-email --no-redirect --agree-tos

Listing certificates

To view the certificate(s) you've installed, run the following command:

certbot certificates

Testing the auto-renewal

After creating a certificate with certbot, you can test it by running the following command:

certbot renew --dry-run

Deleting a certificate

There might be a time when you want to delete a certificate. The proper way to do this is to run the following command:

certbot delete --cert-name
# or to choose from a list:
certbot delete