Currently I am using the manual certification process with certbot:
sudo certbot certonly --manual --preferred-challenges dns -d busmap.online -d try.busmap.online
I forget the exact reasons why I am doing it this way (most certainly because other methods weren't working).
This method has two shortcomings:
- Requires deploying a DNS TXT record for each registered domain.
- Prevents automatic renewal, for the following reason:
This certificate will not be renewed automatically. Autorenewal of --manual certificates requires the use of an authentication hook script (--manual-auth-hook) but one was not provided. To renew this certificate, repeat this same certbot command before the certificate's expiry date.
Look into the --manual-auth-hook option and see what that entails. Most likely requires a script that sets up the necessary DNS TXT challenges. That, or find a way to support automatic renewal with certbot on the EC2 instance.
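A sketch of the hook script the note above asks about, added here as an example and not taken from the original post or from certbot. It assumes the zone is hosted in Route 53 and the AWS CLI is installed (the post does not name the DNS provider); `HOSTED_ZONE_ID` is a placeholder and the function names are illustrative. `CERTBOT_DOMAIN` and `CERTBOT_VALIDATION` are the variables certbot exports to manual hooks.

```shell
#!/bin/sh
# Added example: certbot --manual-auth-hook / --manual-cleanup-hook for DNS-01.
# Assumption: Route 53 hosts the zone. HOSTED_ZONE_ID is a placeholder; the IAM
# identity on the host should be allowed to change records in that zone only.
HOSTED_ZONE_ID="${HOSTED_ZONE_ID:-ZXXXXXXXXXXXXX}"

# certbot passes the name being validated in CERTBOT_DOMAIN; the TXT record
# lives at _acme-challenge.<name> (a leading "*." wildcard label is dropped).
challenge_name() {
    printf '_acme-challenge.%s.' "${1#\*.}"
}

# Build the Route 53 change batch. $1 = UPSERT or DELETE, $2 = domain,
# $3 = token from CERTBOT_VALIDATION. TXT values must be wrapped in quotes.
change_batch() {
    case "$1" in UPSERT|DELETE) ;; *) return 1 ;; esac
    # Reject unexpected characters before they are placed into JSON.
    case "$2" in ''|*[!A-Za-z0-9.*-]*) return 1 ;; esac
    case "$3" in ''|*[!A-Za-z0-9_-]*) return 1 ;; esac
    printf '{"Changes":[{"Action":"%s","ResourceRecordSet":{"Name":"%s","Type":"TXT","TTL":60,"ResourceRecords":[{"Value":"\\"%s\\""}]}}]}' \
        "$1" "$(challenge_name "$2")" "$3"
}

run_hook() {
    batch=$(change_batch "$1" "$CERTBOT_DOMAIN" "$CERTBOT_VALIDATION") || return 1
    change_id=$(aws route53 change-resource-record-sets \
        --hosted-zone-id "$HOSTED_ZONE_ID" --change-batch "$batch" \
        --query 'ChangeInfo.Id' --output text) || return 1
    # Block until Route 53 reports the change as applied, so the CA does not
    # query for the record before it is being served.
    aws route53 wait resource-record-sets-changed --id "$change_id"
}

# Only act when certbot invoked the script (it exports both variables).
if [ -n "${CERTBOT_DOMAIN:-}" ] && [ -n "${CERTBOT_VALIDATION:-}" ]; then
    run_hook "${1:-UPSERT}"
fi
```

With the script saved at a path of your choosing, pass it as `--manual-auth-hook "/path/to/hook.sh UPSERT"` and `--manual-cleanup-hook "/path/to/hook.sh DELETE"`; certbot runs it once per name. UPSERT replaces the whole record set, which is fine for the two distinct names in the command above but would overwrite the first token if a wildcard and its base name were requested together.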