Menu

Free Letsencrypt SSL Cerificate with auto renewal script

This article has not been updated for a long time and may be outdated

Download Letsencrypt scripts from GitHub

Download and unzip letsencrypt repository (wget and zip packages are required).

unzip master.zip

mv letsencrypt-master letsencrypt && cd letsencrypt

Request free SSL certificate

For example, if I want to request a certificate for a domain karolak-k.com with subdomain howto.karolak-k.com:

./letsencrypt-auto certonly -w /var/www/karolak-k.com/web -d karolak-k.com -d www.karolak-k.com -d howto.karolak-k.com

Letsencrypt 1 ss

Now, if you don’t have any web server running on port 80, choose a standalone option. In the other case it is safe to choose webroot option (or Apache if you are running Apache web server).
Notice:  Nginx server may block letsencrypt requests in default configuration. Check a certificated site’s vhost configuration file for .well-known location.

Output
IMPORTANT NOTES:

-- Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/karolak-k.com/fullchain.pem. Your cert will expire on 2017-02-16. To obtain a new version of the certificate in the future, simply run Let’s Encrypt again.

-- If you like Let’s Encrypt, please consider supporting our work by:

Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate

Donating to EFF: https://eff.org/donate

 

Enable automatic certificates renewal

Create renewal script

 

 chmod +x letsencrypt-renewal.sh

Add created script to run from crontab:

sudo crontab -e

Add the following line to the bottom of the file:

00 01 01   /home/yourname/renew-letsencrypt.sh

 Save.

{{ message }}

{{ 'Comments are closed.' | trans }}