I needed to get TLS certs with lets encrypt for a Debian 9 (Stretch)
It's super easy to get TLS certificates with
certbot. Please note that there
are several ways to do a ACME verification. Using
apache looks similar to
using nginx. There's also a standalone server built into certbot should you
have no http server running.
# install required packages sudo apt install certbot python-cerbot-nginx # get certificates # use the fqdn (full qualified domain name) of the machine you're running # this on instead or example.com. Also supply a mail address for # notifications from lets encrypt instead of firstname.lastname@example.org sudo certbot certonly --agree-tos --nginx -d example.com -m email@example.com # add cronjob for renewing certs sudo bash -c '(crontab -l; echo "@daily certbot renew --quiet") | crontab -'
That's it. Go ahead and take a look at your certificates.
sudo ls -l /etc/letsencrypt/live