TLS-ALPN-01 Challenge

This guide explains how to get and renew a certificate with the TLS-ALPN-01 challenge.

Note

The examples require that the lego binary has permission to bind to ports 443.
If your environment does not allow you to bind to these ports, please read Running without root privileges and Port Usage.

Execute the following command:

lego run -d 'example.com' --tls

Create a .lego.yml file with the following content:

certificates:
  foo:
    challenge: tls-alpn-01
    domains:
      - example.com

And execute:

lego