Requesting to rerun ./certbot-auto with root privileges... Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator manual, Installer None Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): xxx@mail.com
------------------------------------------------------------------------------- Please read the Terms of Service at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must agree in order to register with the ACME server at https://acme-v02.api.letsencrypt.org/directory ------------------------------------------------------------------------------- (A)gree/(C)ancel: A
------------------------------------------------------------------------------- Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about EFF and our work to encrypt the web, protect its users and defend digital rights. ------------------------------------------------------------------------------- (Y)es/(N)o: Y Obtaining a new certificate Performing the following challenges: dns-01 challenge for example.com
------------------------------------------------------------------------------- NOTE: The IP of this machine will be publicly logged as having requested this certificate. If you're running certbot in manual mode on a machine that is not your server, please ensure you're okay with that.
Are you OK with your IP being logged? ------------------------------------------------------------------------------- (Y)es/(N)o: Y
------------------------------------------------------------------------------- Please deploy a DNS TXT record under the name _acme-challenge.example.com with the following value:
Ndpg7dP38wrE3DZqlksBCbT_LDGNFgilPUoZcOdOdd4
Before continuing, verify the record is deployed. ------------------------------------------------------------------------------- Press Enter to Continue
在Press Enter to Continue这里
在去DNS解析那里添加一条TXT记录,内容为上面那串乱码。子域名为_acme-challenge
添加之后用 dig命令检测下
运行
1
dig -t txt _acme-challenge.example.com @8.8.8.8
可以看到相关乱码记录,就算OK,可以按 Enter下一步
证书保存位置
1 2 3 4
IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/example.com/fullchain.pem ...