Generating SSL/TLS certificates via DNS Challenge

(Feb-2023) YouTube Training video on how to setup SSL Certificates for Bahmni:

Generating certificates can be achieved in two ways

Manual
Automated

Manual

Please follow the steps mentioned below to generate the certificates manually

Install acme.sh

curl https://get.acme.sh | sh

DNS manual mode

acme.sh --issue --dns -d aa.com -d www.aa.com

Please make sure that you get an output like the one below:

Add the following txt record:
Domain:_acme-challenge.aa.com
Txt value:9ihDbjYfTExAYeDs4DBUeuTo18KBzwvTEjUnSwd32-c

Add the following txt record:
Domain:_acme-challenge.www.aa.com
Txt value:9ihDbjxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Please add those txt records to the domains. Waiting for the dns to take effect.

Rerun acme.sh with `renew` argument:

acme.sh --renew -d aa.com

Automated

Lego can be used to automate the process of generating certificates. Currently it comes with multiple optional DNS providers.

1.Download the latest version from releases

Download link

Download from https://github.com/xenolf/lego/releases

2.Install golang -> https://golang.org/doc/install

Install golang from https://golang.org/doc/install

3.Obtain a certificate using the DNS challenge and AWS Route 53

AWS_REGION=us-east-1 AWS_ACCESS_KEY_ID=my_id AWS_SECRET_ACCESS_KEY=my_key lego --email="foo@bar.com" --domains="example.com" --dns="route53" run

For other ways to obtain certificate as mentioned in above step, refer DNS providers

On this page

Related Reading

Configure Valid SSL Certificates

Free SSL/TLS Certificates using LetsEncrypt

Bahmni Wiki

Generating SSL/TLS certificates via DNS Challenge

Analytics

Manual

Install acme.sh

DNS manual mode

Rerun acme.sh with `renew` argument:

Automated

Related content

Generating SSL/TLS certificates via DNS Challenge

Manual

Install acme.sh

DNS manual mode

Rerun acme.sh with renew argument:

Automated

Related content

Rerun acme.sh with `renew` argument: