[Howto] create a SSL/TLS certificate with LetsEncrypt (FreeBSD)

posted in: computer | 0

tested under FreeBSD v12.1 with certbot-1.3.0,1

  1. install the let’s encrypt client
    pkg install py37-certbot
  2. request your certificate (note: Port 80 must be open and unused, e.g. temporarily disable a running webserver)
    certbot certonly --standalone -d <your-domain>
  3. all done, now you will find your certificate and private-key under
    /usr/local/etc/letsencrypt/live/<your-domain>/fullchain.pem
    /usr/local/etc/letsencrypt/live/<your-domain>/privkey.pem

The certificate is valid for 3 month. It can be renewed 30 days before expiration.

  • renew all certificates with certbot renew
  • renew a selected certificate with certbot certonly --standalone -d <selected-domain>