之前苦惱網站用非標準 Port 怎麼申請let`s encrypt 免費憑證,後來發現原來用DNS方式就可以了~
$ sudo certbot certonly --manual --preferred-challenges=dns -d domain.name
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Cert is due for renewal, auto-renewing…
Renewing an existing certificate
Performing the following challenges:
dns-01 challenge for xxx.cwlove.idv.tw
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you're running certbot in manual mode on a machine that is not
your server, please ensure you're okay with that.
Are you OK with your IP being logged?
(Y)es/(N)o: Y
Please deploy a DNS TXT record under the name
_acme-challenge.xxx.cwlove.idv.tw with the following value:
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx-ydy8
Before continuing, verify the record is deployed.
Press Enter to Continue到 Cloudflare 設定 TXT 紀錄
Press Enter to Continue
TXT設定完成後按 Enter 驗證
Waiting for verification…
Cleaning up challenges
IMPORTANT NOTES:
Congratulations!完成憑證申請