This article is the sequel to Let's Encrypt in Domino Environments
To create a certificate is very easy: Instruct the certbot-auto application to create the certificate:
./certbot-auto certonly -d <yourFQDN> --manual
This command (you need internet access) will contact Let's encrypt. It will ask you to create a cryptic file on your server with a much more cryptic content. With this file and it's content Let's encrypt can check whether you have appropriate rights to receive a certificate. They will access the file and compare the content with the content they generated. If both is identical, you will receive the ceriticate immediately.
First, create the necessary subdirectories on you Domino server.
Then create a file with the filename highlighted in certbot-auto on your filesytem and add the content form certbot-auto to the file
cat <certbotAutoContent> <notesdata>/domino/html/.well-known/acme-challenge/<certbotAutoFileName>
On Linux, AIX etc ensure that filepermissions are set correctly.
chown -R notes:notes <notesdata>/domino
This command will correct the permissions. Now you can switch to your server certbot-auto ist running on. When you agree to the test of your environment this will immediatly create the certificate. It is very useful to keep this filestructure and file on your server for later automatic renew of the certificate.
In the last article we will explain how to migrate those certificates to your domino server.