Free Letsencrypt SSL Cerificate with auto renewal script
Download Letsencrypt scripts from GitHub
Download and unzip letsencrypt repository (wget and zip packages are required).
mv letsencrypt-master letsencrypt && cd letsencrypt
Request free SSL certificate
For example, if I want to request a certificate for a domain karolak-k.com with subdomain howto.karolak-k.com:
./letsencrypt-auto certonly -w /var/www/karolak-k.com/web -d karolak-k.com -d www.karolak-k.com -d howto.karolak-k.com
Now, if you don’t have any web server running on port 80, choose a standalone option. In the other case it is safe to choose webroot option (or Apache if you are running Apache web server).
Notice: Nginx server may block letsencrypt requests in default configuration. Check a certificated site’s vhost configuration file for .well-known location.
-- Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/karolak-k.com/fullchain.pem. Your cert will expire on 2017-02-16. To obtain a new version of the certificate in the future, simply run Let’s Encrypt again.
-- If you like Let’s Encrypt, please consider supporting our work by:
Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate
Enable automatic certificates renewal
Create renewal script
chmod +x letsencrypt-renewal.sh
Add created script to run from crontab:
sudo crontab -e
Add the following line to the bottom of the file:
00 01 01 /home/yourname/renew-letsencrypt.sh