lego --email "you@example.com" --dns cloudflare --domains "example.org" run
```
## Using a custom certificate signing request (CSR)
The first step in the process of obtaining certificates involves creating a signing request.
This CSR bundles various information, including the domain name(s) and a public key.
By default, lego will hide this step from you, but if you already have a CSR, you can easily reuse it:
```bash
lego --email="you@example.com" --http --csr="/path/to/csr.pem" run
```
lego will infer the domains to be validated based on the contents of the CSR, so make sure the CSR's Common Name and optional SubjectAltNames are set correctly.
## Using an existing, running web server
If you have an existing server running on port 80, the `--http` option also requires the `--http.webroot` option.
This just writes the http-01 challenge token to the given directory in the folder `.well-known/acme-challenge` and does not start a server.
The given directory **should** be publicly served as `/` on the domain(s) for the validation to complete.
If the given directory is not publicly served you will have to support rewriting the request to the directory;
You could also implement a rewrite to rewrite `.well-known/acme-challenge` to the given directory `.well-known/acme-challenge`.
You should be able to run an existing webserver on port 80 and have lego write the token file with the HTTP-01 challenge key authorization to `<webroot dir>/.well-known/acme-challenge/` by running something like:
```bash
lego --accept-tos --email you@example.com --http --http.webroot /path/to/webroot --domains example.com run
```
## Running a script afterward
You can easily hook into the certificate-obtaining process by providing the path to a script:
```bash
lego --email="you@example.com" --domains="example.com" --http run --run-hook="./myscript.sh"
```
Some information is provided through environment variables:
-`LEGO_ACCOUNT_EMAIL`: the email of the account.
-`LEGO_CERT_DOMAIN`: the main domain of the certificate.
-`LEGO_CERT_PATH`: the path of the certificate.
-`LEGO_CERT_KEY_PATH`: the path of the certificate key.