Get started

Obtain a certificate with Certbot

After installing Certbot you can obtain a certificate from Buypass CA, the following examples were generated using EFF’s Certbot from their official website

Certbot requires root-privileges in order to perform its operations. The Certbot will auto-install dependencies the first time performing an command using the “certbot-auto”binary. After Certbot has finished installing its dependencies you will be prompted for input. Registration is also automatically performed prior obtaining a certificate from the Buypass AS ACME service.


Register to CA

root@acme:~# certbot register -m 'YOUR_EMAIL' --agree-tos --server ''
Parameter Explanation
register Specify task
-m “email” Email to be used for nofitication purposes, eg. expiring certificates.
–agree-tos Automatically agree to the Terms of Service
–server ‘URL’ Use the specified ACME server to obtain certificates 


Obtain certificate

To order a certifcate from Buypass you can perform the following command, replace with your domain name.

root@acme:~# certbot certonly --webroot -w /var/www/ -d -d --server ''
Parameter Explanation
certonly Specify task
–webroot Obtains a certificate by writing to the webroot directory of an already running webserver.
-w Specify the web-root containing the files served by the webserver.
-d ‘FQDN’ Fully Qualified Domain Name to obtain certificate for, which is accessible on port 80 and 443.
–server ‘URL’ Use the specified ACME server to obtain certificates


Managing Certificates with Certbot

Revoke Certificate

Revoke a previously obtained certificate by performing the following command.

root@acme:~# certbot revoke --cert-path /etc/letsencrypt/live/ --server ''
Parameter Explanation
revoke Start the task of revoking an existing certificate
–server “URL” Use the specified ACME server to obtain certificates
–cert-path “PATH” Specify the path of the desired certificate to remove


Renew Certificate\

Manual renewal of certificates can be achieved through the following command. To automate the renewal process this can be scheduled using cron.

root@acme:~# certbot renew
Parameter Explanation
renew Check and renew expiring certificates
-n Run without user interaction
-q Quiet output, reduced logging to screen

Automated renewal is scheduled in cron by invoking the following command to edit the cron tasks for the root user

sudo crontab -e

Then add the following lines to the file.

#Cron-job scheduled under root to run every 12th hour at a specified minute (eg. 23, change this to your preference)
23 */12 * * * /opt/certbot/certbot-auto renew -n -q >> /var/log/certbot-auto-renewal.log


Delete Certificate

Invoke the following command to delete a certificate. This will give you a list of available certificates which you can choose a certificate from to completely delete.

root@acme:~# certbot delete
Paramater Explanation
delete Start the task of deleting previously obtained certificates
2replies Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
Replies are closed
  • 2 yrs agoLast active
  • 2Replies closed
  • 4035Views
  • 5 Following

Buypass Official Community

This is the official community of Buypass.  A Root CA located in Norway.