Website: https://letsencrypt.org/

Let’s Encrypt is a new Certificate Authority: It’s free, automated, and open.

>>>> ACME: https://webencrypt.org/acme/

Certbot, previously the Let's Encrypt Client, is EFF's tool to obtain certs from Let's Encrypt, and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.

Certbot Official site: https://certbot.eff.org/
Get Certbot from: https://github.com/certbot/certbot

Install

CentOS 6

# sudo yum install epel-release
$ wget https://dl.eff.org/certbot-auto
$ chmod a+x certbot-auto

CentOS 7

# yum install epel-release
# yum install certbot

Cert

$ certbot[-auto] certonly
$ certbot[-auto] certonly --standalone -d example.com -d www.example.com

Wildcard

$ certbot certonly  \
 -d *.example.com \
 -d example.com \
 --manual \
 --preferred-challenges dns \
 --server https://acme-v02.api.letsencrypt.org/directory 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you're running certbot in manual mode on a machine that is not
your server, please ensure you're okay with that.

Are you OK with your IP being logged?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please deploy a DNS TXT record under the name
_acme-challenge.example.com with the following value:

UUN3Xf4jat9SWh_YssVK36P8EHa****************

Before continuing, verify the record is deployed.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue

Renew

# certbot[-auto] renew [--dry-run] [--quiet]