1.8 KiB
Creating SSL Certificates
These are community manages tutorials on how to generate an ssl cert.
Cloudflare
This tutorial briefly covers creating new SSL certificates for your panel and daemon using Cloudflare
Using acme.sh
This is for advanced users, of which their server systems do not have access to port 80. The command below is for Ubuntu distributions and CloudFlare API (you may google for other APIs for other DNS providers), but you can always check acme.sh's official site for installation instructions.
curl https://get.acme.sh | sh
Obtaining CloudFlare API Key
After installing acme.sh, we need to fetch a CloudFlare API key. Please make sure that a DNS record (A or CNAME record) is pointing to your target node, and set the cloud to grey (bypassing CloudFlare proxy). Then go to My Profile > API keys and on Glocal API Key subtab, click on "view", enter your CloudFlare password, and copy the API key to clipboard.
Creating a Certificate
Since the configuration file is based on Certbot, we need to create the folder manually.
sudo mkdir /etc/letsencrypt/live/example.com
After installing certbot and obtaining CloudFlare API key, we need to then generate a certificate. First input the CloudFlare API credentials.
export CF_Key="Your_CloudFlare_API_Key"
export CF_Email="Your_CloudFlare_Account@example.com"
Then create the certificate.
acme.sh --issue --standalone -d "example.com" --dns dns_cf \
--key-file /etc/letsencrypt/live/example.com/privkey.pem \
--fullchain-file /etc/letsencrypt/live/example.com/fullchain.pem
Auto Renewal
After running the script for the first time, it will be added to the crontab automatically. You may edit the auto renewal interval by editing the crontab.
sudo crontab -e