Certbot with Cloudflare DNS on Ubuntu 24.04


Install Certbot using Cloudflare DNS validation on an Ubuntu 24.04 server.

This is not a test environment and not a casual demo.
This is a production-grade installer built to issue and renew certificates reliably — including wildcards.

Why this installer exists

DNS-01 validation is simpler and more flexible than HTTP-01 — especially for wildcard certificates and multi-host setups.

What this installer does

✔ Automates DNS-01 via Cloudflare
✔ Supports wildcard certificates
✔ Optional Nginx reload hook
✔ Ideal for multi-site deployments

What this installer does NOT do

It won't stop you from running the script without reading the documentation like there's no tomorrow.
Skip the README, and whatever happens next is your headache, not a bug report.


Requirements

You need:

✔ A Cloudflare API key with DNS:Edit permissions
✔ A domain pointing to Cloudflare

Guide if needed:
Certbot Cloudflare


1. Download

git clone https://git.x-files.dk/webserver/certbot-ubuntu.git
cd certbot-ubuntu

2. Run the installer

sudo ./certbotinstall [-p] <Cloudflare API Key>

Example:

sudo ./certbotinstall -p 1234567890abcdef123456abcd

After installation, certbot is ready to issue certificates immediately.


3. Issue Certificates

Standard certificate + Nginx reload

sudo certbot certonly \
  -d example.com -d www.example.com \
  --dns-cloudflare \
  --dns-cloudflare-credentials /etc/letsencrypt/dnscloudflare.ini \
  --post-hook "service nginx reload" \
  --non-interactive --agree-tos \
  --email admin@example.com \
  --dns-cloudflare-propagation-seconds 30

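Wildcard (covers first-level subdomains such as www.example.com; the bare domain example.com is not included unless you also pass -d example.com)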

sudo certbot certonly \
  -d '*.example.com' \
  --dns-cloudflare \
  --dns-cloudflare-credentials /etc/letsencrypt/dnscloudflare.ini \
  --post-hook "service nginx reload" \
  --non-interactive --agree-tos \
  --email admin@example.com \
  --dns-cloudflare-propagation-seconds 30

Wildcard = ideal for multi-site hosting.
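
The commands above hand certbot the Cloudflare credential through /etc/letsencrypt/dnscloudflare.ini, so that file is worth auditing after install. The following is an added example, not part of this repository's installer: a hypothetical audit_cf_credentials function that checks the file's mode, owner and credential type, assuming GNU stat and the certbot-dns-cloudflare key names dns_cloudflare_api_token and dns_cloudflare_api_key.

```shell
#!/bin/sh
# Added example, not part of the installer: audit the credentials file that
# the certbot commands in this README pass to --dns-cloudflare-credentials.
# Assumes GNU stat (Ubuntu) and the certbot-dns-cloudflare INI key names.
# Returns 0 = clean, 1 = at least one finding, 2 = file missing.
audit_cf_credentials() {
    cf_file=${1:-/etc/letsencrypt/dnscloudflare.ini}
    cf_owner_uid=${2:-0}          # expected owner uid, root by default
    cf_findings=0

    [ -f "$cf_file" ] || { echo "MISSING: $cf_file"; return 2; }

    # Any group/other bit lets other local accounts read the DNS credential.
    cf_mode=$(stat -c '%a' "$cf_file")
    case "$cf_mode" in
        600|400) ;;
        *) echo "FINDING: mode $cf_mode, expected 600 or 400"; cf_findings=1 ;;
    esac

    cf_uid=$(stat -c '%u' "$cf_file")
    if [ "$cf_uid" != "$cf_owner_uid" ]; then
        echo "FINDING: owned by uid $cf_uid, expected uid $cf_owner_uid"; cf_findings=1
    fi

    # dns_cloudflare_api_key is the account-wide Global API Key;
    # dns_cloudflare_api_token is a scoped token (the DNS:Edit permission above).
    if grep -Eq '^[[:space:]]*dns_cloudflare_api_key[[:space:]]*=' "$cf_file"; then
        echo "FINDING: Global API Key configured, use a scoped API token"; cf_findings=1
    elif ! grep -Eq '^[[:space:]]*dns_cloudflare_api_token[[:space:]]*=' "$cf_file"; then
        echo "FINDING: no dns_cloudflare_api_token entry"; cf_findings=1
    fi

    if [ "$cf_findings" -eq 0 ]; then echo "OK: $cf_file"; fi
    return "$cf_findings"
}

# Demo on a constructed file (placeholder token, deliberately loose mode).
cf_demo=$(mktemp)
printf 'dns_cloudflare_api_token = CONSTRUCTED-PLACEHOLDER\n' > "$cf_demo"
chmod 644 "$cf_demo"
audit_cf_credentials "$cf_demo" "$(id -u)" || true   # reports the 644 mode
chmod 600 "$cf_demo"
audit_cf_credentials "$cf_demo" "$(id -u)" || true   # reports OK
rm -f "$cf_demo"
```

To check the real file, call audit_cf_credentials with no arguments as root.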


Certificate Management

List certificates

sudo certbot certificates

Delete certificate

sudo certbot delete --cert-name example.com

Add new subdomain to existing cert

sudo certbot certonly --expand \
  -d example.com -d www.example.com -d sub1.example.com \
  --dns-cloudflare \
  --dns-cloudflare-credentials /etc/letsencrypt/dnscloudflare.ini

Best practice:

If many domains change → reissue instead of modifying.


Modify/Remove domains

List existing:

sudo certbot certificates

Reissue without sub2.example.com:

sudo certbot certonly --cert-name example.com \
  -d example.com -d sub1.example.com -d sub3.example.com \
  --dns-cloudflare \
  --dns-cloudflare-credentials /etc/letsencrypt/dnscloudflare.ini

More Information

More guides and documentation can be found on wiki.x-files.dk


License

Licensed under the MIT License.

