Generating Certificates with Certbot and Let's Encrypt (the manual approach)

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
[Music] hi all i'm ro your friendly neighbourhood developer i've got some exciting things in store for you today i'll show you how to quickly obtain a https certificate using certbot and let's encrypt we'll start with two basic things you need to know namely who is let's encrypt and what is certbot let's encrypt are a non-profit certificate authority that provide tls certificates a quick scheme through their 2020 annual report shows that they're now helping to secure more than 220 million websites cool huh certbot on the other hand is a free open source software tool for automatically using let's encrypt certificates on manually administered websites to enable https the appeal of certbot is that you run a wants to automatically get free https certificates forever you can install it as a service on virtual machines and it even works with cloud providers like azir where you're running your web applications as a pass service and you don't have terminal access the approach i'll show you today is not automatic but a manual approach this is perfect for when you're keen to test something out quickly for production scenarios you might be better off using more automated approaches so let's get started we'll start with some prerequisites firstly since we're getting a domain validated certificate we need access to a domain and the ability to add a text record in the example i'll show you i have access to a domain called contosoelectronics.org and the dns provider is google next you'll need access to a system where you have admin privileges in my case i spun up an ubuntu server for this video probably a good idea to run some updates too now that we're done with our preparation let's get ourselves a new certificate the first thing we'll start with is installing cert bot like so here i'm using the snap packaging and deployment system to help me install setbot now that setbot has been successfully installed let's get ourselves a certificate we'll now run certbot with the manual switch we also let certbot know that we're capable of providing dns validation via the preferred challenge switch we will also need to provide said bot with some additional details like our email and the address of the let's encrypt server an important step is to provide cert bot with our expected host name for the certificate you'll need to know beforehand the host name of the web application you're trying to protect in my case the host name i'll be using is login.contosoelectronics.org once we run this command certbot will work with the let's encrypt service and generate a dns text record which we'll need to set up to help validate our domain ownership you notice here that certbot has asked us to set up a text record for our domain you can see both the record name and value that it expects i'll go into my dns hosting provider and set up the text record as expected now whatever you do don't press enter just yet if you press enter cert bot will try and validate the domain and it'll fail only once we've added the record and verified that the text record is visible should we press enter to let said part complete the certificate generation process what i like doing now is use the dig utility to interrogate dns name servers to validate that my changes have taken effect digg is a domain information groper you can run the command or use an online dig utility to do the same thing if you don't see your text record you can hit the fix button to try and resolve it once you see your text record show up you should be okay to press enter on your terminal window and let said bot generate your certificate once you press enter certbot validates your tax record and generates the certificate since we use the current working directory as a working directory when requesting a certificate you should be able to see it in a folder called live in your current working directory all done thanks for watching
Info
Channel: TRY-IT DEV
Views: 2,922
Rating: undefined out of 5
Keywords: certbot, letsencrypt, security, certificates, getting sterted, how to
Id: 5wzs-pcDQ3k
Channel Id: undefined
Length: 6min 42sec (402 seconds)
Published: Thu Dec 31 2020
Related Videos
Configure NGINX as a Reverse Proxy
NGINX, Inc
23K
Before I do anything on Proxmox, I do this first...
Techno Tim
250K
How to Get Letsencrypt Wildcard Certificate (Using Letsencrypt Nginx DNS Challenge)
Anton Putra
11K
How to Install a Free SSL Certificate with Let's Encrypt (on Nginx and Apache websites)
Tony Teaches Tech
16K
How To Renew Your Let's Encrypt SSL Certificate AUTOMATICALLY (with crontab)
Tony Teaches Tech
17K
Making a Simple Hydrogen Generator from Washers
Maciej Nowak Projects
3.7M
You're running Pi-Hole wrong! Setting up your own Recursive DNS Server!
Craft Computing
493K
Let's Encrypt DST Root CA Expired
jeffrey bornolla
9.9K
Zorin OS 16: Windows Alternative Linux Distro
ExplainingComputers
345K
How to Get Letsencrypt WILDCARD Certificate? Renew Certificate | Certbot | DNS Challenge | acme-dns
Anton Putra
4.1K
Reverse proxy nginx letsencrypt tutorial
The Digital Life
24K
Hackers vs. Developers // CVE-2021-44228 Log4Shell
LiveOverflow
70K
Monitoring With Prometheus & Grafana In Hindi | Grafana Tutorial For Beginners | Great Learning
Great Learning
17K
Second Oldest Trick in Sleight of Hand
susiefilms
13M
How to Secure Nginx with Lets Encrypt on Ubuntu 20.04 with Certbot
Anton Putra
6.8K
How to get a 100% Free SSL Certificate | Cpanel & Let's Encrypt
Tim Carambat
4.1K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.