To Know about letsEncrypt and its working please refer to this blog.
Generating certificates can be achieved in two ways
Manual
Automated
Manual
Please follow the steps mentioned below to generate the certificates manually
Install acme.sh
curl https://get.acme.sh | sh
DNS manual mode
acme.sh --issue --dns -d aa.com -d www.aa.com
Please make sure that you get an output like the one below:
Add the following txt record:
Domain:_acme-challenge.aa.com
Txt value:9ihDbjYfTExAYeDs4DBUeuTo18KBzwvTEjUnSwd32-c
Add the following txt record:
Domain:_acme-challenge.www.aa.com
Txt value:9ihDbjxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Please add those txt records to the domains. Waiting for the dns to take effect.
Rerun with renew argument:
acme.sh --renew -d aa.com
Automated
Lego can be used to automate the process of generating certificates. Currently it comes with multiple optional DNS providers.