Adding new certificate to the domain with letsencrypt
Recently, I’ve wanted to add new SSL certificate to the domain. Thanks to letsencrypt.org/, we can get our SSL cert for FREE. I love the idea and possibility.
I’m working with Debian 8 & Apache, additionally, I’ve installed something called certbot a great tool to automate letsencrypt certificate renewal.
During standard configuration, I’ve got a problem:
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA
after some time of research I’ve found a solution. You have to put additional pre and post scripts to stop/start apache during certificate renewal like this:
sudo certbot --authenticator standalone --installer apache -d yourdomain.com -d www.yourdomain.com --pre-hook "systemctl stop apache2" --post-hook "systemctl start apache2"
if you have nginx instead of apache just replace the code above:
sudo certbot --authenticator standalone --installer nginx -d yourdomain.com -d www.yourdomain.com --pre-hook "service nginx stop" --post-hook "service nginx start"
source: https://github.com/certbot/certbot/issues/5405
Cheers! 🙂
