Difference between revisions of "Letsencrypt"

	Note:
	To install or use a different version on SME Server 9.x, please see http://wiki.contribs.org/Software_Collections

	Skill level: Advanced
	The instructions on this page may require deviations from standard procedures. A good understanding of linux and Koozali SME Server is recommended.

	Warning:
	This procedure change the default certificates and could significantly compromise your server's security. Thorough understanding of linux system management is required. Proceed at your own risk

Introduction

Let’s Encrypt is a new Certificate Authority: It’s free, automated, and open.

Installation

followed instructions at http://wiki.contribs.org/Software_Collections and the python related wiki page specifically.

add the 2.7 by following : http://wiki.contribs.org/Scl#tab=Python27

Then : yum install python27 --enablerepo=scl-python27

at this time : scl enable python27 bash

To use Let's Encrypt run:

mkdir src
cd src
git clone https://github.com/letsencrypt/letsencrypt.git
cd letsencrypt
service httpd-e-smith stop
./letsencrypt-auto certonly --standalone --email me@mydomain.co.uk -d test.firstdomain.co.uk -d seconddomain.co.uk -d www.seconddomain.co.uk

Replacing email and domains as required. Then configure SME with the certificates generated:

config setprop modSSL crt /etc/letsencrypt/live/test.firstdomain.co.uk/fullchain.pem
config setprop modSSL key /etc/letsencrypt/live/test.firstdomain.co.uk/privkey.pem
config setprop modSSL CertificateChainFile /etc/letsencrypt/live/test.firstdomain.co.uk/fullchain.pem
signal-event post-upgrade; signal-event reboot

Source from info

Source: http://forums.contribs.org/index.php/topic,51961.msg266680.html#msg266680