Skip to content

Certificate Renewal

DevClub IITD edited this page Jun 21, 2022 · 4 revisions

Steps to renew normal certificate

  1. Run sudo certbot renew
sudo certbot certonly --manual --manual-public-ip-logging-ok -d 'devclub.in'

Create the challenge file in /var/www/html/letsencrypt/.well-known/acme-challenge/

Press ENTER in certbot terminal

Reload nginx

nginx -s reload

Steps to renew wildcard certificate

  1. Run the command
sudo certbot certonly --manual --server https://acme-v02.api.letsencrypt.org/directory --manual-public-ip-logging-ok -d '*.devclub.in'

in a tmux window. It will give you a TXT record to be added. DO NOT PRESS ENTER until step two is complete, and detach that tmux window.

  1. Login to CloudFlare and add that TXT record (you will only have to modify its value for renewal) and wait for 2 hours until the value has been updated. You can check this by nslookup -type=TXT _acme-challenge.devclub.in in a separate terminal on the same VM. Only if you get the updated value by the nslookup command, proceed to step three. I repeat DO NOT PRESS ENTER in the first terminal.

  2. Press enter in the first terminal window.

  3. Reload nginx (nginx -s reload) and enjoy!