Posted on

certbot timer

EDIT:
sudo nano /lib/systemd/system/certbot.timer
OnCalendar=*-*-* 02:00:00 (edit this line)
sudo systemctl daemon-reload
sudo systemctl restart certbot.timer


LIST:
systemctl list-timers certbot.timer
Posted on

ssl wildcard apache

1. New
certbot certonly --manual --preferred-challenges=dns --email admin@example.com --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d *.example.com

2. Adding TXT record
_acme-challenge	TXT	"xxxxxxxxxxxxxxxxxxxxxx"

3. Your cert will expire on 2022-02-28.

4. Renew: 
  certbot certonly --manual -d '*.example.com'

4.1 New if Renew is failed (if 4.Renew failed then: Retry the Certification Process)
  certbot certonly --manual --preferred-challenges dns -d example.com

5. Lookup (on windows)
  nslookup -type=TXT _acme-challenge.domain.com
  or
  https://dnschecker.org/#TXT/_acme-challenge.domain.com
4.1. Update DNS with TXT value
4.2. Before continuing, verify the record is deployed. Press Enter to Continue
4.3. Restart apache2 or wait 15min
4.4 Your cert will expire on 
        2025-12-22
        2025-09-23(new server)
        2025-07-19
        2025-04-19
        2025-01-24
        2024-11-10
        2024-08-19
        2024-05-21
        2024-02-25
        2023-11-27
        2023-08-28
        2023-05-26, 
        2023-02-24, 
        2022-11-26, 
        2022-08-28, 
        2022-05-29

shop:
2024-10-07
2024-05-21
2024-02-25
2023-11-07

h:
 2026-02-08
 2025-11-08
 2025-07-19
 2025-04-25
 2025-04-19 (err)
 2025-01-24
 2024-11-10
 2024-05-21

https://bobcares.com/blog/certbot-wildcard-certificate-apache/
apache rewrite domain with wildcard:

RewriteEngine on
RewriteCond %{HTTP_HOST} (\w+.domain.lt)
RewriteRule ^ https://%1%{REQUEST_URI} [L,R=301]

https://serverfault.com/questions/809437/rewrite-of-insecure-to-secure-domain-with-wildcard