Step-1:

How to generate a new account keypair using openssl:
Generate an account private key if you don't have one:
(KEEP ACCOUNT.KEY SECRET!)
openssl genrsa 4096 > account.key
Print your public key:
openssl rsa -in account.key -pubout
Copy and paste the public key into the box below.


Step 2:

NOTE that for this step, if I paste the command provided below, then I will get an error about a "missing re-direct"
The way around that is just to enter the command:
  openssl req -new -sha256 -key domain.key
  
and then just answer the questions interactively instead of having them piped in form redirects.


Step 3:

setenv PRIV_KEY ./account.key
echo -n "eyJ1cmwiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYWNjdCIsImFsZyI6IlJTMjU2Iiwibm9uY2UiOiJUOGdRZ21jb3h2X1ZsTFBtY1JqUjVueWIyQkIya3plWE1DMDR1NHJoQm1RaHhHNC1mSXciLCJqd2siOnsiZSI6IkFRQUIiLCJrdHkiOiJSU0EiLCJuIjoiekg3ZG8wVmcwb0hqbDFiSGFFR2dob3gyV2FRR2dqQVdQdGkycEl0T09KN1BjOTl6MkJOd3FfODFQeGlRLUpKekdjSC1hVDZSM0ZVUHkzbThfRjBrUGc4RF9GOUhBVHhtYUFwTEdfcHRLQ2lrN3BVWmUtd1NCTHBZc3lUQnB5V0NlRzVGSjRKNEdhSmpGaE9pVm9Nanc1UGYybFlpZ1FfOW5KNExlejRhMlpkc3BHQm0wb2E1YkV6OVJLSVlsX0JURDJ5ODdYeHN1THdsRVE1eXJkWXR6UFpNSXY5dTdFbTgzUEVJZ20wTUlLQ1lOUlZVeWd2RzNJUVJnRy1mSXBYMmxpdUJFOUVFc0IxZnE0SlpWWkpBR3A5RjhNU3lXLTJCQlotdVZIckZvd0dpel9XNzQ3aFlVZjB1RUw4N3NqWEpJVFVnU05iak9sdEYzamQta01zZ0NWVExtX2p6c2NKNF8xZ2JiV0hoSEF2TVFINkhTSlR3aE4xQTNZVFU5a2o2aGZteDhwVC1EZGpoSW5vNGRMRkoyQW5RMDZtYzBxQlNHeGtnVTNMYWlyckVXei1sWGJFZGZFNHBteVo4LUMtamQ2bnVfSGpQRmsyNWx3ZEZNZVRIX2NsdlEyQks4WmVibmJ3clF5NmI3QkRRRWVHNHE5ZDFiNDZUYlNfemN2VlNGc19USHdRU1ZOU2REM0tOSnJxaURobHFhRnVuNlJKczJHWTk4YzdoVHZuMTNpdnoyYVJwOHZ3OXJiVHV5SnV1Wkd6NV9yUWNCUTZjQWJZdHk5WEJEWm53ek1HSzRUeUdTckhzLWg2cDI2ZzhsOWRUcnlIaTd5UWFmaW5wWDUzQ2puZGxYOXh1RDRnUDBpZnlFd1JqVi1LNG5vaXhsOF9NOVdVSXlRb0FGbE0ifX0.eyJ0ZXJtc09mU2VydmljZUFncmVlZCI6dHJ1ZX0" | openssl dgst -sha256 -hex -sign $PRIV_KEY

(stdin)= 83e2a5ebff687de17c24672de55e7ce86dced2acc9ab234543e092895e5358fa26fbcd49fb6e36276bfd9e0da924cc5bc72759b06d841af2e610e972be1290dc64476583a57b1b9b7911d3e0de6ad2836c1a3ea91ad71c20a60083c629d784389be858b2c032f22172fd35541d18fd88f464894f4620f989212214fa943bd0a62a65bb10b136cb6d46fb681d6103beb11bb0359030a245209894619b0d4ad7160664b769ee119dbfb49b6a38807b6d0b721757d879e55909a0a7c529c961009064b9f69b6f061065c0badf60da393117591355a7bc0c2c431150d905eb789952c89eee578386a5f7db93a361a5246e0baf01c0ab223a5f8aa4c23b980e99b11c8e7111caee013356fb693353a107f36784a06bd9a5eec9e6b678cb1f5c3ad71bc5110b1d92832d17d57372eff0de318ce22095b7035c083b3e4c27d47c1b0c662310f7e7dd0a875d91ed9693ba593bb9a9a770d1c3fce9e3ead918c7dcdcb8260decfa1e28f095a7a2842a1f45124931ee826b02d6a1b8b7fc5631ba875165551b4d6b6a94897758303e0a37cce68401c2c8b259fb41489b5e2468074c411ffb4ccb46dd4ae2000b1506ae4b7f0b9d99bf28ff71337557e4a67f3d7a9d3a18fcd7ac64983a9a7407879ee0d861480b9aea946544ba8d44ce4181862da3e34b962a359d85d25332d846112742840e0fff0237f2537bdd132d5b6d41aaec93f9cf


echo -n "eyJ1cmwiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzE0NzI5Njk2NjYiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoiVDhnUWdtY291VDVWbk1FY2VrMkt4WS10VVhadDV0MlpsR2VpREFmY3FwQTRYaU5JVU93Iiwia2lkIjoiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNDcyOTY5NjY2In0.eyJjb250YWN0IjpbIm1haWx0bzpzY2RlbWFyY0B5YWhvby5jb20iXX0" | openssl dgst -sha256 -hex -sign $PRIV_KEY

(stdin)= 4d8a3985757dadc2d2907cb2ba025ea4738491f84361dfd693d8261fddca2b4791eb0a9963a9176e9d6473a0b0bc28abd8a5ed3d50ac3ec5e40e8a6a8b7c698332b080fb553d5a6066299b7c414972a67759b817c796fdf2407ec5563d287197581616bbd76fc9ac8e571f5e75d3207d6e583f6b46aa4e97b6fb7dc0f5ed979096ba27e4711d4c8152834429fabde925951757663a702421611a1397032581f6a2c1c284353d4376aaa477f4e5da7ebedd538325efc367f2aef3ab53849149384fc3bc3cae017d3d7821332376ef8b6b3201c30b6ec8c9f6ce74b21d29c311c38c9ff04fb9e5d48f6db02151804fa95c9071e3cb3e779902292c0d496b43ae9fb7a298d90db2d5e063475e960e43cc6913d48caa173c4d195d3b5dae78821b0c35e433e434bf0018fd77fb2ee3939de19971675e57ba4c3d9d62fd8399c872ebcebc4b2a0585f68bd050f02ea6ea6a62808b6d65cad99c6491e8103e759788aa76907b64fd8e31c5d0d91cf2813228a55badc966e3a9c7763d3dc53baa4c9d019b65cf20c826fc0e76005c1564e699c9d19eb59878f9a20b0e0010cfb11e8b7fb002d2ecf8f617a6842c9a71e2aae6dc3f22440415d48545d9ba9d05f928033a89b7b182b92bfbc669c5424a0f98763c44494913df8a8a178e344fb9a10686094dcfde7ffa5e5285ee4f9176f32e43ada7ac193e4f7be7203862af786f977306


echo -n "eyJ1cmwiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIiLCJhbGciOiJSUzI1NiIsIm5vbmNlIjoieGF2T29LSHZFY013MU90Znk5RHdZZ1h3NGJrRjRNUmlCTEFsMXNwQU8tX3ZqSG9XSF8wIiwia2lkIjoiaHR0cHM6Ly9hY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnL2FjbWUvYWNjdC8xNDcyOTY5NjY2In0.eyJpZGVudGlmaWVycyI6W3sidHlwZSI6ImRucyIsInZhbHVlIjoid3d3LmNhcm9saW5hY3VzdG9tLmNvbSJ9XX0" | openssl dgst -sha256 -hex -sign $PRIV_KEY

(stdin)= ca0e601a415b4071d93fdee0634c745d6c3abb5e20369eb8a6238889eafae3c776810fb23f9c68cb10b82829df1a8d8782ec46395d0d4d1230d4b3c738974e9449cd6e28f8785c626ff399983d49f2dc6bc07efd5d6e5611fec50d11052dd4a50dd9a199d0213b560dfb77350ca3e9995006a24ddad816308c0ae264d36175447e2bcb19e70c991f422ad9b31795947379a2f74e46a1cc162be12b69515c2bfa42e3cbc432d437a6b6ef06fab2e1ff8a57661c56462c3f0e650426a47b65afc37133a2c7aa6cd0522f5570df8d774344da826cdbb6ef0d90ba2da49d016ada957eeb6cb80bd4ada2d7f8cfc31f5aa11789a2e757e8f0a0b5f69756fa821a9d29679d64ca5565d180ff91f19b3f2611b5eed6ad68a0c513dccc088c6ce675c2e175279d0aa5702b93de5bf5f6f22bc026fb1a8aca01731ecb4276b01cbbad391d93a7a140d98b5b735baf0dec5f490260a524a898a00a84fc95937f9688bbc846403170c79d2864a74e6653c58534bdbeaaf1e466def37afc7920ad8f0791af20130f2045266f43d3704152952da3767f2f122aaf8c8ece154a4e876f7a7ff92136a5ea228be2899bb9ff5a82d187bc3e9f72540a0405a793acec399e1436592de513b2047d6c4895e4e78d0af2d3b32fdb8ecdce1b072c346ad3008d2b98cea122e2b29c3b48c26687ff0235719f25c2e86ced49687dabc8fcdba8f203b4ff56



Step 4:
sudo python2 -c "import BaseHTTPServer; h = BaseHTTPServer.BaseHTTPRequestHandler; h.do_GET = lambda r: r.send_response(200) or r.end_headers() or r.wfile.write('jhyYPI_akYki1I6rdSvxeLX1q5T3VfGFiIIqRFY3v5c.0dqGYC33X7NKYG9wDePnHyx7igZlnQhhjjN1RzCZEP8'); s = BaseHTTPServer.HTTPServer(('0.0.0.0', 80), h); s.serve_forever()"

PLEASE NOTE: to avoid getting this error:

  Traceback (most recent call last):
    File "<string>", line 1, in ?
    File "/usr/lib/python2.4/SocketServer.py", line 330, in __init__
      self.server_bind()
    File "/usr/lib/python2.4/BaseHTTPServer.py", line 101, in server_bind
      SocketServer.TCPServer.server_bind(self)
    File "/usr/lib/python2.4/SocketServer.py", line 341, in server_bind
      self.socket.bind(self.server_address)
    File "<string>", line 1, in bind
  socket.error: (98, 'Address already in use')

It is necessary to su to root and stop the apache webserver with "astop"


PRIV_KEY=./account.key; echo -n "eyJ1cmwiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yOTUxMTc3NjA2NzYvbVkxNEdnIiwiYWxnIjoiUlMyNTYiLCJub25jZSI6Inhhdk9vS0h2cWVZdS0xa0ZnS1ZWYW1FQ2VNNTRGMkJzdDN3SDZHQU5lb2RBYW9KTHVSZyIsImtpZCI6Imh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTQ3Mjk2OTY2NiJ9.e30" | openssl dgst -sha256 -hex -sign $PRIV_KEY

(stdin)= adb7cb4375bbb1696e82cae7007f850222e0df65848b905b8e533427255741bef72a795a3356c7577be5cf4bce31c939c24bd196c2305c4712250db67cbcf261cb3dd33e2fbe8c3d2ad7abaa332ac091559c0af858310e25380df95f646fc1b71dfe1a2aeaaf6a66ff219a40fb101d4eb910bdee6bbae94a636a30b2476a26a117820b918d9b7d654e8f258b7b13c4a75640de4bb79ff2dc20915850094fa96bdfc2490833ff34d3d0006c85c442bcf136d970b459ddfde9194cc68754ffe2647479e5afc941a9963d58d42760c2fbce952ab0e9da6b64533636dd12dbaebb8fe7c09f27b5a112e5c6af013e7c6a4410819649d0ee1727f19d6951c7e76b8df10471860b07839f0a0fb96e9a6b491bd954b66700c694ee6b7b3525d0dfa6b221911ce35090dd2267d79469ba51183a2d6cd109213358c355e0d63c4084311c0b7fa79b74f37484dcc88102b7ac982d4ccdbc3d30ce77b881580edd277dac8e69b59f2aea98d784f4eb7b0966408aa3225696af7b6327a825d868356e31d40063e7278fa3e02bf69648a45ad165182ab5c8a2b3e2cf8238843e4802ad804e855fb69547e338c4d336e44da9602ebbb3ea2fefa8b3948fc259c7c9986d2f144a5465d4b5ef7c87551ab508a82d8974fc4a575bca1e90b39d383bd8947af03df62ea49e45fb5584d454b84ad2c073d1c20a880f4865b0cdc757aae86d253e531b08

echo -n "eyJ1cmwiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9maW5hbGl6ZS8xNDcyOTY5NjY2LzIzMDI2Mjc1NzQ5NiIsImFsZyI6IlJTMjU2Iiwibm9uY2UiOiJUOGdRZ21jb1ZRTURtbkRlSXhXTGxrN3NTSXNxZ05HbVpncTdCR0M2TE1Gb3ZfMC05UGciLCJraWQiOiJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzE0NzI5Njk2NjYifQ.eyJjc3IiOiJNSUlFOGpDQ0F0b0NBUUF3Z2F3eEN6QUpCZ05WQkFZVEFsVlRNUmN3RlFZRFZRUUlEQTVPYjNKMGFDQkRZWEp2YkdsdVlURVFNQTRHQTFVRUJ3d0hRMnhwYm5SdmJqRVlNQllHQTFVRUNnd1BRMkZ5YjJ4cGJtRWdRM1Z6ZEc5dE1SUXdFZ1lEVlFRTERBdEZibWRwYm1WbGNtbHVaekVmTUIwR0ExVUVBd3dXZDNkM0xtTmhjbTlzYVc1aFkzVnpkRzl0TG1OdmJURWhNQjhHQ1NxR1NJYjNEUUVKQVJZU2MyTmtaVzFoY21OQWVXRm9iMjh1WTI5dE1JSUNJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBZzhBTUlJQ0NnS0NBZ0VBM2tndzVDTThZZ3pPUnc0dnlyclRxU0dILTRKbEZHN0JELUJSSGV1TGdYTjE1eTU5cS1UUWU1bzdac1F5X2NHVzdEVkQtSEJON2MxRjFpZDBzTFlkMGxIejF1N2JJcDVqNzJleUstTHI5dmxUd3VRVmNOSkZQcFNLYWt0bWI0U0hYZHZNeTZYQXpmYnJ5Rk9fOU1WcHhsR21zVVZfNWRLa1RPdTNia3ZuTWtnVERVVXRBampySUhpeTJld1VsM21hN2s0RWxYbG9IT2ZBZTN0OTMzY0JJcG9WS284bnN1dTBWZVBYLTdfZEQ3ZWU0Zmg5cmxUdjBjdi1OSDJNU212MUYySUJIQ05hV0tmbG1TbDFkOGk3YUZIWDQxUnJaLXpEaEdGaHloa0lkdmhFVUFWM0JabVp4LVRnVmJTSi1IOERHRlFXVXM1dHJJMl9NcEROUTVZcWVRX3lSVGZzTVlBNXh5YzhJYlF2REZpNDg5dDVrTXdfRncwLTRfVG1PYlJoM2F0ZmlrOEtQZjhiMHJkRVp1cVJBWmRjbG16cVBvNXNGOXQ4VHdBQnJjUXp0SjZnZFRzTmd6Y295a3RsSDVVS3dzeF9ldjJwanZUTmhZc2Y1X0hhS1p4YUVIR0R0SllqYzQxRlJaMEQ3NkRWSmw0bnVid3lpU2xuOUV5dE5VQ2VQMTBYLXM5UXJSUkNzbFRld0s1X0FwUGxCYTNKRjNDd3p2RkoxZnJZWUlSMGtGTlQ4RU9xU3BscmRjbzVjTnJ3emNqVmNUaE04MjlrX1J3N1dUeU1sdl9USWNMOEl2V2VrSXA2RjlmWTQxSDFRejdRd0V3dFBHVDU2ajBkaHYzbUdZbld0X05ac1VmY28tZTVJTnF6UzJJQ0pzMEJuMVpFX29wbXgxX2ppOUVDQXdFQUFhQUFNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUNBUUFnUkplVkNDc2R4RXl5YjBDZFFIWWRXbVZVVC1sQTN6MC1mMTMyTEFNdXoxX3NrdnExR0QwaWp6ak5CMGszZk4xYzZNc0F1amN6dmVpVVBDRGpIRF9ZbTFpMHZ6V05VS1hJNDJKa2hXeXpTWGRCSGhZNGxmU0kwbnpkY3lWRFVFYjJzWkY0eHNCMVVsLUVjZ0pMcXM4enppLUh3RThMaXhnR2k5RzBaSU9PX1gxSE1PUHE3bndKUERsUjFJbVFmd0xqZmM5Vk5ZZ2xxa0pDVHk4ZnBuTEJfY2hVLUFNdWpzbEdMTGlMNktWZFNhT25vQ2dYRnhWVGRlUTlDTjUyQnFMcG5FZ2duX0hPQUtLY1RKSGtVQnJMWHY3c2RqVHVjZmpGcC0yRGI0UnJ6MU9rMmlfTTVTZmQxSlNmbGxiYnR6Y3dyd0k2dm5xcjZ0ZVdHQmpjVDlzWS1yS2hRS3M3OGxMWHY0VTBMMEJ2TnFUZTdqUy1wMXJ3LUVKTmNVbFZHRWw3LTU4cjI5QlBTUXA1VzVlcEpfZWtHc29vamxTYldJU0k3VEw5R1I3NEFLbVRpUEltUTBrQmFQZmllbUU2a3VJbmdRdm9YRU85bkh6M0tCem1kWm5RMktpM3VMY25Oejg4T0x6UV9QdXVBVlpISnRpaVdyaDVPT2t5R0FWUVM4NG9MSkxpWkJ4bjdNTHV2OTRNTUJHMGhydF95azdxTndxb1NrNGtaMGlDSVlEeEQtWUk0aEt6MU5VbU9CRDJJSzRRbnVFcU9hMWFnUDlTSU1IZ0F5bWRoUmFpUHhSaGdqSGhGUGExVzZmbV80RTlUdXZIREZ0b3Fzek9uWHNfdVVLZDdtX0dJWF9wNndGYnRVY1FFbXQ2UDVRanlsM3ZvcXozQkZLZFN2eVgyZyJ9" | openssl dgst -sha256 -hex -sign $PRIV_KEY

(stdin)= 0417aa632e65d6cc0c99a1f3924b8a8a0c1e76abf52c0e4147c4517f3d863c2066b957b8cf91216ea0020070b0acb0336cdc963cd94704aeb58f95878a437fa9d437c09b8d7aba63749fd4026960bb9543610b58193526d20efbefe1789da5d6ff171529008f320f65724e475b32ab2d3a43421ec741878e4cbc0a92fcd2b1cc93dfb7241bf093cec5e7262d9559792096dc6168c5156cc304acae2419df8d07bfc44544b2858782ef94f8ba101afd76c5b646c04c3e15589071843422cc8c02838f3ff70f635634a8dd7585fd95aa125f9aab85f5bb98f9a834c513b1ae753093ac6eb3a3ba5bb4037bcd2ab26daa7552f5ecf5660ab2263e85e6e87fb1806544f520f85fd29c7ed3e851111597d2cafd16b7116acd2036f087cbf6ace91a6d78ec0e9e269274529067e6019bdbb6258a091312a77a76153e25053a6f3066c193b8e39eabdc24f7f49ffeb1bac1bb023f2128d12db1c3266d332789834cd439f29a1f2b9427216fc05496227f4681c550bb94e40838fe62d38544af7321eee18c01da904b0d85ea0383caf68d1f047a18714d9e1498ac5236260faf5e4855d3523eef42d496508aeee7d2591e8970a38fe188c4af693a3d3aca04ab41d53c53cd28dbdfed13d75bef07dd3c2ebb1dcc51ac127d7dbc929ead44612f56eb0bd596d3aaf6fa6c485bd909f75edec15574e9c4d57bf74867f47e7ac912eea8b01c

Step-5:
save generated certificate to domain.crt

cp -a /home/scdemarc/www/ssl_cert/lets_encrypt/2023_12_19/domain.crt /usr/local/apache/conf/ssl.crt/carolinacustom.crt
cp -a /home/scdemarc/www/ssl_cert/lets_encrypt/2023_12_19/domain.key /usr/local/apache/conf/ssl.key/carolinacustom.key