A note for how I renew blahdns.com let’s encrypt SSL cert
// With acme.sh
/root/acme.sh --issue --standalone -d dot-jp.blahdns.com -d doh-jp.blahdns.com
rm /etc/haproxy/dot-jp.blahdns.pem
cd /root/.acme.sh
cat /root/.acme.sh/dot-jp.blahdns.com/fullchain.cer /root/.acme.sh/dot-jp.blahdns.com/dot-jp.blahdns.com.key > /etc/haproxy/dot-jp.blahdns.pem
service haproxy restart
// With certbot
// Renew
certbot certonly --cert-name dot-jp.blahdns.com --force-renewal
// Working method 1
certbot delete
// After delete all cert
certbot certonly --rsa-key-size 4096 --standalone --agree-tos --no-eff-email --email [email protected] -d dot-de.blahdns.com -d doh-de.blahdns.com
// Merge SSL fullchain and privkey into 1 pem
cd /etc/letsencrypt/archive/dot-de.blahdns.com/
cat fullchain1.pem privkey1.pem > /etc/haproxy/dot-de.blahdns.pem
// restart HAProxy
service haproxy restartUpdated 20, Jan 2020
Photo by Jahsie Ault on Unsplash