Normally, we can use Let’s Encrypt to request a https certificate. This certificate will have 90 days available before expiry.
First, we need to have a Certbot tool in our system.
Please check the link below to require a script to setup your certbot environment.
https://certbot.eff.org/instructions?ws=nginx&os=windows
Download the installation package for your current system.
Once we you done with the environment, try command:
certbot --help
whick can confirm that ‘certbot’ tool has been setup up successfully.
Choose how you’d like to run Certbot. Script should be run with Administrator.
IF web server is not currently running on this machine:
$ C:\WINDOWS\system32> certbot certonly --standalone
IF we need to keep the web server running:
$ C:\WINDOWS\system32> certbot certonly --webroot
Follow the introduction and description, will located 2 files:
Certificate is saved at: C:\Certbot\live\<your_domain>\fullchain.pem
Key is saved at: C:\Certbot\live\<your_domain>\privkey.pem
The target folder only save short cuts for these files, should relocate to real file.
Now, we can use the Certificate and Key for publishing.
Test automatic renewal:
$ C:\WINDOWS\system32> certbot renew --dry-run
Do not forget copy certificate and key files to nginx or other container/publisher.