by Using Let’s Encrypt to create an SSL certificate at no cost is an excellent resource for home labs. Use this walkthrough to create SSL certs for your home lab.
Official documentation for using the certbot-dns-digital ocean plugin is located at certbot-dns-digitalocean.readthedocs.io.
I recommend starting with a minimal installation of RHEL or CentOS Stream.
Install pip, create a virtual environment, install certbot and the digitalocean plugin, then add Cerbot to your path using the following commands:
sudo dnf install python3-pip sudo python3 -m venv /opt/certbot/ sudo /opt/certbot/bin/pip install certbot certbot-dns-digitalocean certbot sudo ln -s /opt/certbot/bin/certbot /usr/bin/certbot
Create a configuration file with your DigitalOcean API credentials.
vi ~/digitalocean.ini chmod 600 ~/digitalocean.ini
To acquire a wildcard certificate, modify the following command for your domain name:
sudo certbot certonly --dns-digitalocean --dns-digitalocean-credentials ~/digitalocean.ini -d '*.ntnx01.mydc.dev'
Copy the certs and key generated by Certbot to your home directory and update the permissions.
sudo cp -r /etc/letsencrypt/archive/ntnx01.mydc.dev ~/ sudo chown -R crobinson: ~/ntnx01.mydc.dev
To transfer the files over ssh from the client machine, run the following:
scp [email protected]:~/ntnx01.mydc.dev/* ./
Apply the certs as needed to your environment.
Good luck!