LoginSignup
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 3 years have passed since last update.

@crashRT(crashRT)in京大マイコンクラブ

GCPのCloudDNSでDNS-01チャレンジ

Posted at

したいこと

  • 諸事情で80番ポートは使えないけどlet's encryptでSSL認証したい(ので、DNSチャレンジを使う)
  • GAEで動かしているサイトのサブドメインを使いたい

やること

認証はDNSチャレンジでやる。

1.準備

Nginxを停止させる

$ systemctl stop nginx

Certbotを入れる

$ sudo apt install epel-release
$ sudo apt install certbot

2. 証明書を作成

sudo certbot certonly --manual -d fuga.hogehoge.hoge --preferred-challenges dns

Are you OK with your IP being logged? にYesを押すと、こんなメッセージが出てくる

Please deploy a DNS TXT record under the name
_acme-challenge.fuga.hogehoge.hoge with the following value:

[キー]

Before continuing, verify the record is deployed.

GCPのCloud DNSを開く

(ドメインの設定とかは終わってるものとします)

レコードセットを追加
→ タイプはTXT
→ DNS名を _acme-challenge.fuga.hogehoge.hoge にする
→ TXTデータにさっき出てきたキーを入力
→ 反映されるまで時間がかかるらしいので、水分補給とかして少し待つ(10分くらい?)
→ cmdでEnterを押す

IMPORTANT NOTES:
    Congraturations! (ry

って出てきたら成功

0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?