IT Wizard Professional

User Tools

Site Tools

Trace: windows_iis_install_configure_certbot
sysadmin:windows:windows_iis_install_configure_certbot

This is an old revision of the document!

Install & CertBot on Windows with IIS

CertBot - Windows Other

  1. Install CertBot (beta)
  2. Open MS-DOS command prompt in Administrator mode, run following commands:

    Replace «Email Address»

    Replace «Domain Name» 

    certbot certonly --manual --preferred-challenges dns --email "<<Email Address>>" --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d <<Domain Name>>
  3. Type Y and press [ENTER] key at the following prompt:
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o:

    You will see following output: 

    Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for <<Domain Name>>

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you're running certbot in manual mode on a machine that is not
your server, please ensure you're okay with that.
  4. Type Y and press [ENTER] key at the following prompt:
    Are you OK with your IP being logged?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o:

    You will see the following output: 

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please deploy a DNS TXT record under the name
_acme-challenge.<<Domain Name>> with the following value:

<<DNS TXT Record>>

Before continuing, verify the record is deployed.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue
  5. Download and Install OpenSSL for Windows

    https://slproweb.com/products/Win32OpenSSL.html

    https://slproweb.com/download/Win64OpenSSL_Light-1_1_1g.exe

  6. Select option to copy OpenSSL libraries to OpenSSL /bin folder
  7. Launch MS-DOS command prompt and run following commands:

    https://community.letsencrypt.org/t/create-pfx-certificate/86949

    Replace «Domain Name» 

    cd /d "C:\Program Files\OpenSSL-Win64\bin"
openssl pkcs12 -export -out "C:\Certbot\archive\<<Domain Name>>\<<Domain Name>>.pfx" -inkey "C:\Certbot\archive\<<Domain Name>>\privkey1.pem" -in "C:\Certbot\archive\<<Domain Name>>\cert1.pem" -certfile "C:\Certbot\archive\<<Domain Name>>\chain1.pem" -password pass:<<password>>
sysadmin/windows/windows_iis_install_configure_certbot.1614696049.txt.gz · Last modified: 2021/03/02 14:40 by vidyasb

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
CC Attribution-Noncommercial-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki