If you use Cloudflare to manage your domain's DNS, Certbot and Cloudflare can work together to make it simple to obtain a wildcard SSL certificate. Certbot validates your domain automatically through DNS, saving you time and effort.
With a wildcard certificate, you can secure not only your main domain (e.g., example.com) but also all its subdomains (like wiki.example.com and files.example.com) with just one certificate. It’s like having a single protective blanket for all your website’s parts, making it easier to manage your website’s security and encryption.
Using the Cloudflare DNS plugin, Certbot will create, validate, and then remove a TXT record via Cloudflare’s API. This process serves as proof of your domain ownership and authorization to obtain an SSL certificate for the domain.
We used Ubuntu 22.04 LTS for this configuration.
Install Certbot
sudo snap install --classic certbot
sudo snap install certbot-dns-cloudflare
Configure Cloudflare Credentials
You will require your Cloudflare account’s associated email address and the Cloudflare Global API Key.
Create a directory for secrets
sudo mkdir /root/.secrets/
sudo touch /root/.secrets/cloudflare.ini
Add credentials to secrets file
sudo nano /root/.secrets/cloudflare.ini
The above file should contain the following:
dns_cloudflare_email = your-email@example.com
dns_cloudflare_api_key = yourapikey
Save the file (Control + O, press Enter, then Control + X to save and exit).
Secure the secrets file
sudo chmod 0700 /root/.secrets/
sudo chmod 0400 /root/.secrets/cloudflare.ini
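An added example, not part of the original tutorial: a small shell audit that checks the credentials file and its directory after the steps above. It assumes GNU stat (as on Ubuntu 22.04) and that it is run by the file's owner; the function names and the sample file are constructed for illustration, and dns_cloudflare_api_token is the plugin's scoped-token alternative to the Global API Key.

```shell
#!/bin/sh
# Added example: audit a certbot-dns-cloudflare credentials file.
# Assumes GNU stat (Ubuntu) and that the caller owns the file (root in this guide).

# Succeeds when the path grants no permission bits to group or other.
is_private() {
    case "$(stat -c '%a' "$1")" in
        0|*00) return 0 ;;
        *)     return 1 ;;
    esac
}

# Records one finding; "findings" is the counter used by the audit below.
note() {
    echo "FINDING: $*"
    findings=$((findings + 1))
}

# audit_cf_credentials FILE: prints findings, exit status = number of findings.
audit_cf_credentials() {
    file=$1
    findings=0
    if [ -L "$file" ] || [ ! -f "$file" ]; then
        note "$file is missing, a symlink, or not a regular file"
        return "$findings"
    fi
    dir=$(dirname "$file")
    is_private "$file" || note "$file is accessible to group/other (want 0400)"
    is_private "$dir"  || note "$dir is accessible to group/other (want 0700)"
    [ "$(stat -c '%u' "$file")" = "$(id -u)" ] || note "$file has another owner"
    # The Global API Key is account-wide; an API token can be scoped to DNS edits.
    if grep -Eq '^[[:space:]]*dns_cloudflare_api_key[[:space:]]*=' "$file"; then
        note "Global API Key in use; prefer a scoped dns_cloudflare_api_token"
    fi
    return "$findings"
}

# Demo on a constructed file with the mode `touch` normally leaves (0644).
demo=$(mktemp -d)
printf 'dns_cloudflare_api_key = CONSTRUCTED-NOT-A-REAL-KEY\n' > "$demo/cloudflare.ini"
chmod 0755 "$demo"
chmod 0644 "$demo/cloudflare.ini"
audit_cf_credentials "$demo/cloudflare.ini" || echo "$? finding(s)"
rm -rf "$demo"
```

On the server itself, run the function under sudo against /root/.secrets/cloudflare.ini; an exit status of 0 means no findings.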
Get your Certificates
Now that the Certbot setup is complete, use the command below to obtain your SSL certificates from Let’s Encrypt.
sudo certbot certonly --dns-cloudflare --dns-cloudflare-credentials /root/.secrets/cloudflare.ini -d 'example.com,*.example.com' --preferred-challenges dns-01
Certificates will be saved to /etc/letsencrypt/live/example.com/