LetsEncrypt remote installation and renew

Generate Certificate

I have not tested this recently so revise when completing again

letsencrypt certonly -d <website> --manual --manual-public-ip-logging-ok

Then follow the same steps as for renewing

The required apache config is below:

SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM

SSLCertificateFile <directory>/cert.pem
SSLCertificateKeyFile <directory>/privkey.pem
SSLCertificateChainFile <directory>/fullchain.pem

Renew Certificate

On Remote:

letsencrypt renew --manual --manual-public-ip-logging-ok

This will give you a printf to run on webserver, run that in the root of the webserver and it will create a file in ".well-known".

Confirm this is working by accessing with a browser.

Press enter on Remote and it will attempt to renew.

This will generate new certificate files in /etc/letsencrypt/live/, you will need cert.pem, chain.pem and privkey.pem. Copy this to the webserver in the right locations and restart the webserver

Generate Certificate

Renew Certificate

blogroll

social