certbot is a command-line utility in Linux that is used to manage and obtain SSL/TLS certificates for web servers. It is part of the Let’s Encrypt project, which provides free, automated SSL/TLS certificates to help secure websites and protect the privacy of users.
certbot is designed to be easy to use and automate the process of obtaining and installing SSL/TLS certificates for web servers. It supports a wide range of web servers, including Apache, Nginx, and other popular web servers.
For more information on using certbot, you can consult the Let’s Encrypt documentation or use the certbot –help command to view a list of available options and usage examples.
certbot Command Examples
1. Obtain a new certificate via webroot authorization, but do not install it automatically:
# certbot certonly --webroot --webroot-path path/to/webroot --domain subdomain.example.com
2. Obtain a new certificate via nginx authorization, installing the new certificate automatically:
# certbot --nginx --domain subdomain.example.com
3. Obtain a new certificate via apache authorization, installing the new certificate automatically:
# certbot --apache --domain subdomain.example.com
4. Renew all Let’s Encrypt certificates that expire in 30 days or less (don’t forget to restart any servers that use them afterwards):
# certbot renew
5. Simulate the obtaining of a new certificate, but don’t actually save any new certificates to disk:
# certbot --webroot --webroot-path path/to/webroot --domain subdomain.example.com --dry-run
6. Obtain an untrusted test certificate instead:
# certbot --webroot --webroot-path path/to/webroot --domain subdomain.example.com --test-cert