1  <!DOCTYPE html>
  2  <html lang="de">
  3     <head>
  4        <meta charset="UTF-8" />
  5        <meta name="viewport" content="width=device-width, initial-scale=1.0" />
  6        <meta http-equiv="onion-location" content="http://bopbopl6lohkl2rts3ltesjnag4hzs4jrx2h6k6etgq5xasbpqekzlqd.onion" />
  7        <title>BOP Wiki: Let's Encrypt / Certbot</title>
  8        <link rel="stylesheet" href="/assets/stylesheet.css" />
  9        <link rel="icon" type="image/x-icon" href="/assets/img/favicon.png">
 10     </head>
 11     <body>
 12        <header>
 13           <!-- --------------------------------------------------------------------------------------------------------------------------------- -->
 14           <script src="/assets/js/navbar-OpenClose.js"></script>
 15           <script src="/assets/js/lightbox.js"></script>
 16            <script src="/assets/js/copyCodeButton.js"></script>
 17           <link rel="stylesheet" href="/resources/js-libraries/highlightJS/atom-one-dark.min.css">
 18           <script src="/resources/js-libraries/highlightJS/highlight.min.js"></script>
 19           <script src="/resources/js-libraries/highlightJS/highlightjs-line-numbers.min.js"></script>
 20           <script>hljs.highlightAll();</script>
 21           <script>hljs.initLineNumbersOnLoad();</script>
 22           <!-- --------------------------------------------------------------------------------------------------------------------------------- -->
 23           <div class="branding">
 24              <button class="toggle-btn-navbar" id="navbarOpenButton">☰</button>
 25              <a href="/">
 26              <img class="logo" src="/assets/img/logo.png">
 27              </a>
 28              <div class="typing-animation">BytesOfProgress</div>
 29           </div>
 30        </header>
 31        <div id="navbarContainer" class="navbar-container">
 32           <iframe class="navbar-iframe" src="/assets/navbar/navbar.html" frameBorder= "0"></iframe>
 33        </div>
 34        <main>
 35           <article class="blog-post">
 36              <header class="post-header">
 37                 <h1 class="post-title">Let's Encrypt / Certbot</h1>
 38              </header>
 39           </article>
 40           <nav class="breadcrumb">
 41              <a href="/">Home</a>
 42              <span class="divider">›</span>
 43              <a href="/wiki/">Wiki</a>
 44              <span class="divider">›</span>
 45              <a href="/wiki/tutorials/tutorials.html">Tutorials</a>
 46              <span class="divider">›</span>
 47              <span class="current">Let's Encrypt / Certbot</span>
 48           </nav>
 49           <section class="post-content">
 50              <p>
 51                 Let’s Encrypt is an automated and open certificate authority (CA)
 52                 operated by the Internet Security Research Group (ISRG) and founded
 53                 by the Electronic Frontier Foundation (EFF), the Mozilla Foundation
 54                 and others. It offers free SSL/TLS certificates, which are commonly
 55                 used to encrypt communications for security and privacy purposes,
 56                 with the most notable use case being HTTPS. Let’s Encrypt relies
 57                 on the Automatic Certificate Management Environment (ACME)
 58                 protocol to issue, revoke, and renew certificates.
 59              </p>
 60              <p>
 61                 Certbot is a free and open source utility primarily used for managing
 62                 SSL/TLS certificates from the Let’s Encrypt certification authority.
 63              </p>
 64              <p>
 65                 Requirements: A registered domain name with an A record pointing to
 66                 your IPv4 address and root shell access to a Debian based machine.
 67              </p>
 68              <p>
 69                 Step 1: Installing Snapd.
 70              </p>
 71              <blockquote>
 72                 # apt install snapd && snap install core
 73              </blockquote>
 74              <p>
 75                 Step 2: Installing Certbot snap package.
 76              </p>
 77              <blockquote>
 78                 # snap install --classic certbot
 79              </blockquote>
 80              <p>
 81                 Step 3: Run following command to verify that the certbot command is executable:
 82              </p>
 83              <blockquote>
 84                 # ln -s /snap/bin/certbot /usr/bin/certbot
 85              </blockquote>
 86              <p>
 87                 Step 4: Run Certbot with the webserver you are using specified:
 88              </p>
 89              <div class="code-box">
 90                 <pre><code># FOR NGINX
 91  # certbot --nginx
 92  
 93  # FOR APACHE
 94  # certbot --apache</code></pre>
 95              </div>
 96              <p>
 97                 The Certbot packages installed on your system include a cron job
 98                 or systemd timer. These automatically renew your certificates
 99                 before expiration, eliminating the need for manual intervention
100                 unless your configuration changes. To confirm automatic renewal
101                 functionality, you can execute the following command:
102              </p>
103              <blockquote>
104                 # certbot renew --dry-run
105              </blockquote>
106              <p>
107                 Step 5: To verify the correct setup of your site, open your browser
108                 and navigate to "https://yoursite.tld/", instead of "http://yoursite.tld/".
109                 Check for the presence of a lock icon in the URL bar.
110              </p>
111           </section>
112           <footer class="post-footer">
113              <a href="/wiki/tutorials/tutorials.html" class="cta-button">← Back</a>
114           </footer>
115        </main>
116     </body>
117  </html>