Great tutorial, I have read that this it is one of the most secure ways to automate dns challenge because you don't need to expose your dns provider credentials.
i am getting this email all the time. i am using cyberpal : Unable to renew certificate: Updating challenge for [domain]: acme: error code 400 "urn:ietf:params:acme:error:connection": Fetching 404.html: Redirect loop detected | Is there any solution please tell me..i don't even know what is this
This is really a great tutorial. However I encountered a problem. I have executed step-by-step exactly as you indicated and all the commands went on smoothly. however when attempting to create the test cert. I receive the error: "certbot.errors.HookCommandNotFound: acme-dns-client-hook command manual-auth exists, but is not executable." Can you suggest where the problem is to solve it"? Thank you so much Anton.
You don't need to use the API of your DNS provider in this case. You will outsource your DNS challenges to your own DNS server. The setup a little bit complicated but it will allow you to automatically renew your wildcard certificates.
Hi Anton! When I get the wildcard certificate I get this message: "Certbot has set up a scheduled task to automatically renew this certificate in the background". So do I need to create a cron job as you do? Just to ensure it runs twice? Thanks!!
You want to check that "scheduled task" which is either cron job or a systemd timer. Unless it has following flags "--manual", "--preferred-challenges dns", "--manual-auth-hook 'acme-dns-client' it is not going to update your wildcard certificate. It will work only for certificates that were issued for certain domains such as "blog.example.com" and not "*.example.com". I have a video coming up on Thursday which is much better quality.
🔴 - To support my channel, I’d like to offer Mentorship/On-the-Job Support/Consulting - me@antonputra.com
⏱️TIMESTAMPS⏱️
0:00 Intro
2:14 Demo
5:59 Create EC2 Instance
9:22 Install acme-dns Server
18:43 Install acme-dns-client
19:47 Install certbot
20:55 Get Letsencrypt Wildcard Certificate
👉 How to Manage Secrets in Terraform - ua-cam.com/video/3N0tGKwvBdA/v-deo.html
👉 Terraform Tips & Tricks - ua-cam.com/video/7S94oUTy2z4/v-deo.html
👉 ArgoCD Tutorial - ua-cam.com/video/zGndgdGa1Tc/v-deo.html
Highly Appreciate this video,Thanks a tonne
Worked perfectly. Thank you
Great to hear!
Great tutorial.
Thanks.
Welcome!
Very helpful.
Thanks a lot.
Thanks Sidharth!
i don't know it will work or not but looks very great
thanks
🔴NEW/UPDARED🔴 - How to Setup Auto-Renew for Letsencrypt WILDCARD Certificate with DNS challenge? - ua-cam.com/video/7jEzioFsyNo/v-deo.html
It will be available on Aug 19, 2021
Great tutorial, I have read that this it is one of the most secure ways to automate dns challenge because you don't need to expose your dns provider credentials.
Yes, exactly
Cool tutorial !
Thank you! Cheers!
i am getting this email all the time. i am using cyberpal : Unable to renew certificate: Updating challenge for [domain]: acme: error code 400 "urn:ietf:params:acme:error:connection": Fetching 404.html: Redirect loop detected | Is there any solution please tell me..i don't even know what is this
Unfortunately, I'm not familiar with cyberpal at all.
This is really a great tutorial. However I encountered a problem. I have executed step-by-step exactly as you indicated and all the commands went on smoothly. however when attempting to create the test cert. I receive the error: "certbot.errors.HookCommandNotFound: acme-dns-client-hook command manual-auth exists, but is not executable." Can you suggest where the problem is to solve it"? Thank you so much Anton.
Thank you, but I recorded this tutorial a while ago. I don't remember all the details. Sorry.
great video thanks for sharing your knowledge , slava ukraine
Thanks :)
Thanks!
Thank you Aziz!
What if my DNS provider doesn't have an API available ?? Am I stuck on manual mode?
You don't need to use the API of your DNS provider in this case. You will outsource your DNS challenges to your own DNS server. The setup a little bit complicated but it will allow you to automatically renew your wildcard certificates.
@@AntonPutra or how about changing the nameservers to one of the supported dns providers and then use thier API?
@@flash_gif sure, you can transfer your domain (change nameservers) to the one which supports it.
@@AntonPutra Hello thanks for the video, do you have any reference for this procedure you're mentioning here to outsource etc..?
Where do I geet the certbot script?
It's been a while, can you clarify what script exactlly?
Excellent tutorial!!
Thank you!
Hello, thanks for the tutorial, is it possible to do an automatic renewal if the dns server is bind?
Hey, I don't think that you can use bind to automate renewal. DNS server that I use in the video was specifically build for that task.
What do you use to make that flow graph? I like the look of it
now i use adobe illustrator & after effects
Hi Anton! When I get the wildcard certificate I get this message: "Certbot has set up a scheduled task to automatically renew this certificate in the background". So do I need to create a cron job as you do? Just to ensure it runs twice? Thanks!!
You want to check that "scheduled task" which is either cron job or a systemd timer. Unless it has following flags "--manual", "--preferred-challenges dns", "--manual-auth-hook 'acme-dns-client' it is not going to update your wildcard certificate. It will work only for certificates that were issued for certain domains such as "blog.example.com" and not "*.example.com". I have a video coming up on Thursday which is much better quality.
exception would be if you are using certbot dns plugins
Okay thank you for the information. I will check the new video!
@@davidmontdajonc6332 good luck :)
This Video is very lesson for beginner like me anyhow if possible may you make a video to renew ssl through ansible ?
Sure I can make one in the future
Man you are’ making the right videos ... please keep doing it
Thanks, will do!
Are yu Indonesian sir?
no, russian :)
@@AntonPutra yur last name like Indonesian, Putra (is Son) 😁