A number of my articles use the Cloudflare API for issuing SSL certificates from Let’s Encrypt via the DNS-01 challenge. This post walks-through creating a new token. Sign into the Cloudflare portal, click the user icon in the top right corner and go to “My Profile”. Once there, click API Tokens, then Create Token and finally click “Use template” against...
There are a number of ways Let’s Encrypt (LE) can validate a request to issue an SSL certificate via the ACME standards, with the two most common ones being HTTP-01 and DNS-01. The LE documentation details each with the advantages and disadvantages here. I’ve started using the DNS-01 challenge method for internal systems in my lab as it means I...
READ MORE Let’s Encrypt DNS-01 Challenge & the Cloudflare API
The final VM in my lab to have its’ SSL configuration sorted was my Unifi controller. This runs on another Ubuntu 16.04 LTS instance, so the usual tools/methods will be used/installed: Let’s Encrypt SSL acme.sh Cloudflare DNS-01 challenge First up, a nod to James Ridgway for an excellent walk through of how he achieved this task on a UniFi Cloud...
Update April 2024 I have a new article with instructions for installing on Ubuntu LTS 22.04 and all the things that have changed since writing this guide. Original Instructions The next server in my lab to sort out with a Let’s Encrypt (LE) trusted SSL is Pi-Hole. Pi-Hole does a good job of ad-blocking without needing to mess with anything...
Update – April 2024 I have written an updated article which uses new functionality in Certify SSL Manager to make life easier. Original Instructions PRTG is a great monitoring tool, especially as you can get a 100 sensor license for free. That makes it ideal for monitoring home & small networks. By default it uses a self-signed SSL certificate which...