@sodonnell
Last active March 31, 2020 10:46
Let's Encrypt/certbot wildcard certificate configuration for Apache HTTP Server
#!/usr/bin/env bash
###########################
# define your fully qualified domain name.
FQDN=mydomainname.com
###########################
# wildcard cert config
# Assuming you're using various vhosts/sub-domains,
# you'll most likely want to choose a wildcard certificate.
# 1) Request one certificate for the wildcard and the bare domain, and receive the
#    _acme-challenge TXT record(s) for DNS verification. Wildcard names can only be
#    validated with the dns-01 challenge, so the webroot (http-01) authenticator
#    cannot issue them. The names are quoted so the shell does not glob-expand "*".
sudo certbot certonly --server https://acme-v02.api.letsencrypt.org/directory \
  --manual --preferred-challenges dns-01 \
  --cert-name "${FQDN}" -d "${FQDN}" -d "*.${FQDN}"
# 2) Install that certificate into Apache to support non-vhost (i.e. https://mydomainname.com)
# as well as vhosts (i.e. https://www.mydomainname.com)
sudo certbot install -i apache --cert-name "${FQDN}"
###########################
# Non-wildcard cert config
#sudo certbot run -a webroot -i apache -w /var/www/html -d "${FQDN}"
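
The certificate has to name both `${FQDN}` and `*.${FQDN}` because a wildcard stands for exactly one leftmost label, so on its own it covers neither the bare domain nor deeper sub-domains. The check below is an added example, not part of the gist; `san_matches` and `covered` are hypothetical helper names and the name lists are constructed.

```bash
#!/usr/bin/env bash
# Added example: which hostnames a certificate's name list covers.

# san_matches HOST PATTERN -> status 0 if PATTERN (exact name or "*.parent") covers HOST
san_matches() {
    local host pattern parent label rest
    host=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    pattern=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
    case "$pattern" in
        \*.*)
            parent=${pattern#\*.}   # name the wildcard hangs off
            label=${host%%.*}       # leftmost label of the host
            rest=${host#*.}         # everything after the first dot
            # the wildcard replaces exactly one non-empty leftmost label
            [ "$host" != "$rest" ] && [ -n "$label" ] && [ "$rest" = "$parent" ]
            ;;
        *)
            [ "$host" = "$pattern" ]
            ;;
    esac
}

# covered HOST NAME... -> prints "covered" / "NOT covered", returns 0 / 1
covered() {
    local host san
    host=$1
    shift
    for san in "$@"; do
        if san_matches "$host" "$san"; then
            echo "covered"
            return 0
        fi
    done
    echo "NOT covered"
    return 1
}

FQDN=mydomainname.com   # the gist's placeholder domain
for h in "$FQDN" "www.$FQDN" "a.b.$FQDN"; do
    printf '%-24s wildcard only: %-12s both names: %s\n' "$h" \
        "$(covered "$h" "*.$FQDN" || true)" \
        "$(covered "$h" "$FQDN" "*.$FQDN" || true)"
done
```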
@sodonnell
Author

Renew certs:
sudo certbot renew -w /var/www/html
