Let's Encrypt wildcard SSL with Cloudflare

我主機的環境是 Centos7 & apache2

先安裝 Certbot
$sudo yum install certbot python2-certbot-apache

安裝 DNS Plugins
$sudo yum install python2-certbot-dns-cloudflare

建立 cloudflare.ini 設定檔將它放在 ~/.secrets/certbot/cloudflare.ini
記得換上自己的帳號跟api key
# Cloudflare API credentials used by Certbot
dns_cloudflare_email = cloudflare@example.com
dns_cloudflare_api_key = 0123456789abcdef0123456789abcdef01234567

執行下面命令, domain.com跟 cloudflare.ini 路徑替換成自己的
$certbot certonly --dns-cloudflare --dns-cloudflare-credentials ~/.secrets/certbot/cloudflare.ini -d "*.domain.com" -d "domain.com" --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory

之後讓主機每天執行 certbot renew就可以了