Letsencrypt
- ACME (acme.sh) Free SSL Certificate
- Lego
- Enable LetsEncrypt SSL in ISPConfig
- LetsEncrypt Windows
- LetsEncrypt SSL On Nginx Password Protected site
- LetsEncrypt SSL On Apache Password Protected site
- Nginx Proxy SSL Verification
- Install LetsEncrypt in CentOS 7
Certbot commands
- Delete LetsEncrypt SSL certficate
- List all letsencrypt certificates
- Change Email address of LetsEncrypt SSL
- Certbot Remove a Domain Name from SSL Certficate
Install letsencrypt
1 2 |
wget https://raw.githubusercontent.com/serverok/server-setup/master/install/letsencrypt.sh bash letsencrypt.sh |
OR
1 2 3 4 |
cd /usr/bin wget https://dl.eff.org/certbot-auto chmod a+x /usr/bin/certbot-auto mv /usr/bin/certbot-auto /usr/bin/certbot |
Install SSL certificate on Apache
1 |
certbot --authenticator webroot --webroot-path PATH_TO_DOC_ROOT_HERE --installer apache --agree-tos --no-eff-email --email admin@serverok.in -d YOUR-DOMAIN.EXT -d www.YOUR-DOMAIN.EXT |
On Nginx
1 |
certbot --authenticator webroot --webroot-path PATH_TO_DOC_ROOT_HERE --installer nginx --agree-tos --no-eff-email --email admin@serverok.in -d YOUR-DOMAIN.EXT -d www.YOUR-DOMAIN.EXT |
This will stop web server. Generate SSL, then start web server.
Getting SSL with out installing
1 |
certbot certonly --authenticator webroot --webroot-path PATH_TO_DOC_ROOT_HERE --agree-tos --email admin@serverok.in -d YOUR-DOMAIN.EXT |
Getting SSL with out web server
Domain should be pointed to the server IP and IP should be public to generate SSL. Run the following command.
1 |
certbot certonly --standalone --agree-tos --no-eff-email --email admin@serverok.in -d YOUR-DOMAIN.EXT |
Auto Renew SSL Certificate
Set following cronjob to auto renew SSL
1 |
crontab -e |
Add
1 |
@weekly /usr/bin/certbot renew >> /var/log/le-renew.log |
List All SSL
1 |
certbot certificates |
Change Email Associated with account
1 |
certbot register --update-registration --email YOUR_EMAIL_HERE |
Search for LetsEncrypt SSL status