Https certbot

From Anarchaserver

Set up a https certificate

Following the advices from

Install certbot and the certificates

add jessie-backports to the sourcelist :

sudo nano /etc/apt/sources.list

add the line :

deb jessie-backports main

save and :

sudo apt-get update
sudo apt-get install python-certbot-apache -t jessie-backports

now we can install the certificates for the main domain and a subdomain using :

sudo certbot --apache

If you want to manually change the configuration of the virtualhosts, then you can :

certbot --apache certonly --webroot -w /var/www/ -d
certbot --apache certonly --webroot -w /var/www/zoiahorn/ -d


Renew automatically

Note :

The Debian packaged version of Certbot installs a cron job automatically into /etc/cron.d/certbot. This cronjob runs certbot renew twice a day which will renew certificates that are within the renewal window.

To test :

certbot renew --dry-run 

the command to manually renew all the certificates is :

certbot renew

this command can be added to crontab or run by systemd, the certificates are valid for 3 months so the check can be done once a week or once a day, see


Renew mannually a certificate inside a container

certbot certonly -a manual -d --preferred-challenges dns

Place in gandi the TXT rrecod with the name and the content proposed

Check the certificates

test on