準備工作
首先有一個linux虛擬機器

$ apt-get install letsencrypt
$ apt-get install python-pip
$ pip install --upgrade pip
$ pip install certbot
$ certbot certonly --manual --preferred-challenges dns --email [email protected] --domains test001.bar.com
執行成功後

Please deploy a DNS TXT record under the name
_acme-challenge.erpnext.xyz with the following value:
J50GNXkhGmKCfn-0LQJcknVGtPEAQ_U_WajcLXgqWqo
產生key-value對，新增dns中(Create TXT record via DNS console and setup key and value):
Record Name: acme-challenge.erpnext.xyz
Record Value: J50GNXkhGmKCfn-0LQJcknVGtPEAQ_U_WajcLXgqWqo

點選繼續，出現下面的提示，匯出證書成功：

IMPORTANT NOTES:

• Congratulations! Your certificate and chain have been saved at:
  /etc/letsencrypt/live/nova.moe/fullchain.pem
  Your key file has been saved at:
  /etc/letsencrypt/live/nova.moe/privkey.pem
  建立google Cloud load balancing 谷歌雲負載平衡
  新增google Cloud load balancing https負載，
  後端伺服器連線到網頁儲存的cloud storage中。
  前端配置https，匯入證書。
  如果希望https和hhtp都可用，可以讓此ip分別監聽80和443兩個埠，同時早域名商中，新增域名到ip的連結。
  參考資料
  使用 Google Cloud Platform 的 Storage 託管靜態站點並通過 Google CDN 加速
  Generate Wildcard SSL certificate using Let’s Encrypt/Certbot
  Letsencrypt how to use preferred-challenges
  cloud google load balancing
  How to Setup a SSL for Google Cloud Storage hosted Site?
  Google Cloud Load Balancer redirect HTTP to HTTPS