Let's Encrypt
Let's Encrypt is a non-profit certificate authority that provides X.509 certificates for TLS communication at no charge.
When we request a certificate from Let's Encrypt, we need to provide proof of ownership for our domain. This can be done in one of two ways. We can either manually add a TXT record to our DNS provider or we can allow Certbot to automatically create a TXT record for us in Route 53. The latter method will only work if we are managing our DNS records in Amazon Route 53. The former method can be used for any DNS provider.
Manual verification
When we start the Certbot Docker container with the manual verification flag, we will see the following block of text:
- - - - - - - - - - - - - - - - - - - - - - - - -
Please deploy a DNS TXT record under the name
_acme-challenge.jenkins-firewalled.lvin.ca with the following value:
kLmhtIfqI5PZFuk-lXna13Z4_oIYDmaJoPd6RaFgwqQ
Before continuing, verify...