Install Certbot
$ brew install certbot
$ apt-get update
$ apt-get install software-properties-common
$ add-apt-repository universe
$ add-apt-repository ppa:certbot/certbot
$ apt-get update
$ apt-get install certbot python-certbot-apache
$ certbot certonly \
--manual \ # Run in manual mode
--agree-tos \ # Aggree with Terms and Conditions
--manual-public-ip-logging-ok \ # Agree with public ip logging
--preferred-challenges dns-01 \ # Set preferred challenges
--rsa-key-size 4096 \ # Set private key size
-d $DOMAIN # Domain - can be used multiple times for a set of domains
You will be asked to create DNS TXT record for given domain on _acme-challenge.domain.tld
.
$ host -t txt $DOMAIN
Once TXT record is returning required hash value, certificate generation process should proceed.
This step might be repetable for each domain which you want to have associated with certificate.
Once previous step is successfully finished cerfitificates can be found as /etc/letsencrypt/live/$DOMAIN/fullchain.pem
and /etc/letsencrypt/live/$DOMAIN/privatekey.pem
files.