Letsencrypt & Certbot

Normally, we can use Let’s Encrypt to request a https certificate. This certificate will have 90 days available before expiry.

First, we need to have a Certbot tool in our system.

Please check the link below to require a script to setup your certbot environment.

https://certbot.eff.org/instructions?ws=nginx&os=windows

Download the installation package for your current system.


Once we you done with the environment, try command:

certbot --help

whick can confirm that ‘certbot’ tool has been setup up successfully.


Choose how you’d like to run Certbot. Script should be run with Administrator.

IF web server is not currently running on this machine:

$ C:\WINDOWS\system32> certbot certonly --standalone

IF we need to keep the web server running:

$ C:\WINDOWS\system32> certbot certonly --webroot

Follow the introduction and description, will located 2 files:

Certificate is saved at: C:\Certbot\live\<your_domain>\fullchain.pem
Key is saved at:         C:\Certbot\live\<your_domain>\privkey.pem

The target folder only save short cuts for these files, should relocate to real file.

Now, we can use the Certificate and Key for publishing.


Test automatic renewal:

$ C:\WINDOWS\system32> certbot renew --dry-run

Do not forget copy certificate and key files to nginx or other container/publisher.

Leave a Comment