Certbot basic usage
Certbot installation can be done through package management, by downloading their git repository or installing it through PIP.
Register an account
This is done interactively if you request a certificate from a CA without being registered.
root@acme:~# certbot register -m 'YOUR_EMAIL' --agree-tos --server 'https://api.buypass.com/acme/directory/'
Obtain a certificate using a webroot and HTTP-01 challenge
This requires an active root directory for the domain you are requesting the certificate for.
root@acme:~# certbot certonly --webroot -w /var/www/example.com/public_html/ -d example.buypass.com -d www.example.buypass.com --server 'https://api.buypass.com/acme/directory'
Obtain a certificate using Apache / Nginx / Standalone and HTTP-01 challenge
This method hooks into the currently running Apache / Nginx installation and manages the process on your behalf. Standalone requires the ports 80 and 443 to be available and is used if you don't have a webserver running.
root@acme:~# certbot certonly --nginx -d example.buypass.com -d www.example.buypass.com --server 'https://api.buypass.com/acme/directory/'
Obtain a certificate using DNS-01 challenge
See this page for an intro to how one can obtain a certificate using the DNS-01 challenge method. https://community.buypass.com/t/m22jjh/new-feature-dns-01-challenge-implemented
The currently active certificate should be located at /etc/letsencrypt/live/[FQDN]/ when either nginx, DNS-challenge or standalone is used. If a webroot was specified, that is where the certificate will be stored, eg. /var/www/[FQDN]/.