OpenClaw LaunchOpenClaw Launch
🔒

Let's Encrypt SSL

Verified

by Community

Sets up free SSL/TLS certificates using Let's Encrypt with certbot for automatic issuance, renewal, and deployment across Nginx, Apache, and standalone configurations.

ssltlsletsencryptcertbotcertificateshttps

Let's Encrypt SSL

Sets up free, automated SSL/TLS certificates using Let's Encrypt and certbot. Covers HTTP-01 and DNS-01 challenge types, Nginx and Apache plugin integration, wildcard certificates via DNS validation, automatic renewal via cron or systemd timers, and certificate deployment hooks.

Usage

Describe your web server (Nginx, Apache, HAProxy), domain names, and whether you need single-domain, multi-domain (SAN), or wildcard certificates. Specify your DNS provider if using DNS-01 challenges for wildcard certs.

Examples

  • "Set up certbot with Nginx plugin to automatically obtain and configure SSL for my domain"
  • "Obtain a wildcard certificate for *.example.com using Cloudflare DNS challenge"
  • "Configure automatic renewal with a deploy hook that reloads Nginx after certificate rotation"

Guidelines

  • Use the Nginx or Apache plugin for automatic web server configuration when possible
  • Set up automatic renewal via systemd timer (preferred) or cron job running twice daily
  • Use DNS-01 challenge for wildcard certificates and servers not publicly accessible
  • Test with --staging flag first to avoid hitting Let's Encrypt rate limits during setup
  • Add a deploy hook (--deploy-hook) to reload the web server after successful renewal

More Security Skills

shield
1Claw

HSM-backed vault for agent secrets; store, rotate, share securely.

shield
1Password

Set up and use 1Password CLI (op).

shield
Auditing Appstore Readiness

Audit an iOS app repo.

shield
Authensor Gateway

Fail-safe policy gate for OpenClaw marketplace skills.