mbiryukova/lego
1
0
Fork 0
forked from TrueCloudLab/lego
Code Pull requests Activity
lego/docs/content/usage/cli/examples.md
Ludovic Fernandez 3edb75872d
chore: migrate to new org. (#824)
2019-03-11 17:56:48 +01:00

1.3 KiB
Raw Blame History

title date draft
Examples 2019-03-03T16:39:46+01:00 false

CLI Examples

Assumes the lego binary has permission to bind to ports 80 and 443. You can get a pre-built binary from the releases page. If your environment does not allow you to bind to these ports, please read Port Usage.

Obtain a certificate

lego --email="foo@bar.com" --domains="example.com" --http run

(Find your certificate in the .lego folder of current working directory.)

To renew the certificate

lego --email="foo@bar.com" --domains="example.com" --http renew

To renew the certificate only if it expires within 45 days

lego --email="foo@bar.com" --domains="example.com" --http renew --days 45

Obtain a certificate using the DNS challenge

AWS_REGION=us-east-1 \
AWS_ACCESS_KEY_ID=my_id \
AWS_SECRET_ACCESS_KEY=my_key \
lego --email="foo@bar.com" --domains="example.com" --dns="route53" run

Obtain a certificate given a certificate signing request (CSR) generated by something else

lego --email="foo@bar.com" --http --csr=/path/to/csr.pem run

(lego will infer the domains to be validated based on the contents of the CSR, so make sure the CSR's Common Name and optional SubjectAltNames are set correctly.)