Install ACME Client
- There are many ACME client tools out there to choose. I used certbot because it is offically recommended in Letsencrypt site.
- You simply follow instructions on certbot site to grab appropriate package for your target machine.
- To be able to issue wildcard ssl, we need to use certbot 0.22+. But it is not available for Debian 8 installed on my Raspberry Pi. I have to install certbot-auto. I followed this link to install certbot-auto
Issue Wildcard SSL
- Run the following command to issue SSL
- cd to folder where you have grabbed certbot-auto
sudo ./certbot-auto -d *.your.domain --manual --server https://acme-v02.api.letsencrypt.org/directory --preferred-challenges dns-01 certonly
- follow the instructions of installer.
- You only need to pay attention to a important step that require you to add TXT dns record into your dns.
Renew SSL Certificate
sudo ./certbot-auto renew --cert-name tuanquynet.click --standalone --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory
- That's it