certbot --apache<\/code><\/pre>\n\n\n\nPrerequisites<\/h2>\n\n\n\n
We’ve already mention that the main prerequisite is to have a live website, certbot will check that your website actually has a valid domain name, in case your website have subdomains <\/strong>the bot will also get certificates for them.<\/p>\n\n\n\n![\"\"](\"https:\/\/lamp.ciscoar.com\/wp-content\/uploads\/2020\/03\/list-of-subdomains-apache-centos7.jpg\")
<\/a>Website subdomains – Apache CentOS 7<\/figcaption><\/figure><\/div>\n\n\n\nRunning Certbot on a LAB<\/h2>\n\n\n\n
I’m going to show you the first part on my LAB, and the second part<\/a> on a real website.<\/p>\n\n\n\n![\"\"](\"https:\/\/lamp.ciscoar.com\/wp-content\/uploads\/2020\/03\/running-certbot.gif\")
<\/figure><\/div>\n\n\n\nThe next step can not be completed on a LAB environment because Certbot will live check your website domain and also its subdomains.<\/p>\n\n\n\n
Certbot log<\/h2>\n\n\n\n
Here you can see the log produced by running certbot on a LAB and cancelling before starting the domain part.<\/p>\n\n\n\n
[root@centos7 ~]# certbot --apache\nSaving debug log to \/var\/log\/letsencrypt\/letsencrypt.log\nPlugins selected: Authenticator apache, Installer apache\nEnter email address (used for urgent renewal and security notices) (Enter 'c' to\ncancel): pepe@argento.com\nStarting new HTTPS connection (1): acme-v02.api.letsencrypt.org\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nPlease read the Terms of Service at\nhttps:\/\/letsencrypt.org\/documents\/LE-SA-v1.2-November-15-2017.pdf. You must\nagree in order to register with the ACME server at\nhttps:\/\/acme-v02.api.letsencrypt.org\/directory\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n(A)gree\/(C)ancel: A\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nWould you be willing to share your email address with the Electronic Frontier\nFoundation, a founding partner of the Let's Encrypt project and the non-profit\norganization that develops Certbot? We'd like to send you email about our work\nencrypting the web, EFF news, campaigns, and ways to support digital freedom.\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n(Y)es\/(N)o: N\n\nWhich names would you like to activate HTTPS for?\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n1: centos7.local.lab\n2: java.centos7.local.lab\n3: www.java.centos7.local.lab\n4: lamp.centos7.local.lab\n5: www.lamp.centos7.local.lab\n6: php.centos7.local.lab\n7: www.php.centos7.local.lab\n8: www.centos7.local.lab\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nSelect the appropriate numbers separated by commas and\/or spaces, or leave input\nblank to select all options shown (Enter 'c' to cancel): c\nPlease specify --domains, or --installer that will help in domain names autodiscovery, or --cert-name for an existing certificate name.\n\nIMPORTANT NOTES:\n - Your account credentials have been saved in your Certbot\n configuration directory at \/etc\/letsencrypt. You should make a\n secure backup of this folder now. This configuration directory will\n also contain certificates and private keys obtained by Certbot so\n making regular backups of this folder is ideal.\n<\/code><\/pre>\n\n\n\nHow Certbot works?<\/h2>\n\n\n\n
Certbot will first search on your server for domain and subdomains, then it will present a list of domains and subdomains found on your server and you have to choose for which of them you want to get the certificates.<\/p>\n\n\n\n
![\"\"](\"https:\/\/lamp.ciscoar.com\/wp-content\/uploads\/2020\/03\/list-of-subdomains-found-by-certbot.jpg\")
<\/a><\/figure><\/div>\n\n\n\nWhere to go next?<\/h2>\n\n\n\n
The next step cannot be performed on a LAB where the domain and subdomains are not really live and only exist on your LAB, the challenge part won’t pass and for that reason I’m going to show you the second part on a real website, see following article.<\/p>\n\n\n\n