Using Certbot Docker Image
This tutorial will show you how to use the Certbot Docker image to generate Let's Encrypt SSL certificates. It does so by serving up a TXT record that Let's Encrypt will check for, so this action must be taken on the server that the domain points to.
Prerequisites
This tutorial assumes you have installed Docker.
Steps
Run the command below on your server (after changing the DOMAIN variable):
LETSENCRYPT_VOLUME_DIR=$HOME/letsencrypt
DOMAIN="www.mydomain.com"
sudo docker run \
--interactive \
--tty \
--rm \
--name certbot \
-p 80:80 \
-p 443:443 \
-v "$LETSENCRYPT_VOLUME_DIR:/etc/letsencrypt" \
certbot/certbot \
certonly -d "$DOMAIN" --standalone
After you have completed this once, you can automatically renew by running the following:
LETSENCRYPT_VOLUME_DIR=$HOME/letsencrypt
DOMAIN="www.mydomain.com"
EMAIL="support@mydomain.com"
sudo docker run \
--interactive \
--tty \
--rm \
--name certbot \
-p 80:80 \
-p 443:443 \
-v "$LETSENCRYPT_VOLUME_DIR:/etc/letsencrypt" \
certbot/certbot \
certonly --standalone -d "$DOMAIN" --quiet
-d $DOMAIN with different domains won't work.
The certificates will be in $LETSENCRYPT_VOLUME_DIR/archive with a symlink to the latest ones in $LETSENCRYPT_VOLUME_DIR/live, so we can copy them to where we want by using:
sudo cp \
--recursive \
--dereference \
"$LETSENCRYPT_VOLUME_DIR/live" \
/path/to/output/dir
sudo chown --recursive "$USER:$USER" /path/to/output/dir
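A variant of the copy step, added here as an example and not part of the original tutorial: it copies one domain's files as regular files, keeps the private key owner-only, and lists any private key that group or other can access. The function names, the www.example.test domain and the dummy file contents are constructed for illustration, and the live/<domain> layout with symlinks into archive/<domain> is assumed.

```shell
#!/bin/sh
# Added example (not from the original tutorial). Assumes certbot's usual layout:
# live/<domain>/*.pem are symlinks into archive/<domain>/.

# install_certs LIVE_DIR DOMAIN DEST_DIR
# Copies one domain's certificates as regular files and restricts the private key.
install_certs() {
    src="$1/$2"
    dest="$3/$2"
    if [ ! -f "$src/privkey.pem" ] || [ ! -f "$src/fullchain.pem" ]; then
        echo "missing privkey.pem or fullchain.pem in $src" >&2
        return 1
    fi
    (
        umask 077                               # new files start owner-only
        mkdir -p "$dest" || exit 1
        cp -L "$src"/*.pem "$dest"/ || exit 1   # -L is the short form of --dereference
        chmod 700 "$dest" || exit 1
        chmod 600 "$dest"/privkey.pem           # also fixes a key left loose by an earlier copy
    )
}

# loose_keys DIR
# Prints every private key under DIR that group or other can read, write or execute.
loose_keys() {
    find "$1" -type f -name 'privkey*.pem' \
        \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Constructed sample layout in a temp dir (dummy contents, not real keys).
demo() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/le/archive/www.example.test" "$t/le/live/www.example.test" "$t/out"
    for f in cert chain fullchain privkey; do
        echo "dummy $f" > "$t/le/archive/www.example.test/${f}1.pem"
        ln -s "../../archive/www.example.test/${f}1.pem" "$t/le/live/www.example.test/$f.pem"
    done
    chmod 644 "$t/le/archive/www.example.test/privkey1.pem"   # simulate a loose source key
    install_certs "$t/le/live" www.example.test "$t/out" || return 1
    loose_keys "$t/out"    # prints nothing: the copied key is owner-only
    loose_keys "$t/le"     # prints the loose key under archive/
    rm -rf "$t"
}
demo
```

Running loose_keys against the output directory after each renewal copy is a quick check that the key did not end up readable by other accounts on the host.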
First published: 12th March 2021