Install scripts including one to interact with apache
apt install letsencrypt python-letsencrypt-apache
I am crazy and want a Must Staple certificate
openssl req -new -sha256 -newkey rsa:4096 -nodes\
-keyout steveborba.com.privkey -out must-staple.steveborba.com.csr\
-reqexts SAN -config <(cat /etc/ssl/openssl.cnf <\
(printf "[SAN]\nsubjectAltName=DNS:steveborba.com,DNS:www.steveborba.com\n1.3.6.1.5.5.7.1.24=DER:30:03:02:01:05"))
letsencrypt -vv certonly --csr must-staple.steveborba.com.csr
<Add apache config to allow must staple>
openssl req -new -sha256 -newkey rsa:4096 -nodes\
-keyout steveborba.com.privkey -out steveborba.com.csr
I’ve had a problem that the spaces between nodes and keyout are making things not work right
certbot --authenticator standalone --installer apache --pre-hook "service apache2 stop" --post-hook "service apache2 start"
Thats how I’ve got it working sometimes