Certbot with Apache: Difference between revisions

Line 20:

===Obtaining a Certificate===

Once Certbot is installed, it's crazy simple to obtain a certificate. As noted above, use this command;<syntaxhighlight lang="text">

certbot --apache

certbot --apache (This command will make changes to the Apache configuration files)

OR

certbot certonly

certbot certonly (Use this command if it is not desirable to have CertBot modify Apache configuration files)

</syntaxhighlight>...and then follow the instructions. The first command will give one the choice of having Apache configuration files changed. The latter command only obtains a certification. Remember, this has to be done on the server that hosts the web site as Certbot and Let's Encrypt require a "challenge" to be answered correctly for a certificate to be obtained. The "challenge" question is a temporary file that certbot places in the directory of the web site (and deletes after the certificate is obtained) for the certificate issuing service to verify one is the owner of the web site. DNS is another method that can be used in the "challenge" process, but it is a bit more complex.

@@ Line 20: / Line 20: @@
 ===Obtaining a Certificate===
 Once Certbot is installed, it's crazy simple to obtain a certificate.  As noted above, use this command;<syntaxhighlight lang="text">
-certbot --apache
+certbot --apache (This command will make changes to the Apache configuration files)
 OR
-certbot certonly
+certbot certonly (Use this command if it is not desirable to have CertBot modify Apache configuration files)
 </syntaxhighlight>...and then follow the instructions.  The first command will give one the choice of having Apache configuration files changed.  The latter command only obtains a certification.  Remember, this has to be done on the server that hosts the web site as Certbot and Let's Encrypt require a "challenge" to be answered correctly for a certificate to be obtained.  The "challenge" question is a temporary file that certbot places in the directory of the web site (and deletes after the certificate is obtained) for the certificate issuing service to verify one is the owner of the web site.  DNS is another method that can be used in the "challenge" process, but it is a bit more complex.