Follow these steps to generate a valid certificate with Let's Encrypt and install it into the Madsonic keystore.
Be sure to forward port 443 to your jail for Let's Encrypt authentication.
Replace example.com with your domain or subdomain.
Based on the Madsonic installation in jacobblock's guide.
Install
cd /usr/ports/net/socat && make install clean && cd ~ && curl https://get.acme.sh | sh
Now log in again or source your profile so the acme.sh command is available.
Generate cert
acme.sh --issue --standalone -d example.com --renew-hook "/root/madsonic-renewal.sh"
cp /usr/local/madsonic/madsonic-booter.jar /usr/local/madsonic/madsonic-booter-backup.jar
cd /root/.acme.sh/example.com/
openssl pkcs12 -export -out madsonic.pkcs12 -inkey example.com.key -in example.com.cer -certfile ca.cer -password pass:madsonic
keytool -importkeystore -srckeystore madsonic.pkcs12 -destkeystore madsonic.keystore -srcstoretype PKCS12 -srcalias 1 -destalias madsonic -storepass madsonic -srcstorepass madsonic -noprompt
zip -u /usr/local/madsonic/madsonic-booter.jar madsonic.keystore
Edit your launch daemon (/usr/local/etc/rc.d/madsonic) by adding
: ${madsonic_https_port="4443"}
under
: ${madsonic_port="4040"}
and then adding
--https-port=${madsonic_https_port}
to the command_args line. Make sure this stays a single line.
Restart Madsonic:
service madsonic restart
That's it! You should be done.
If you have any problems, restore the backup /usr/local/madsonic/madsonic-booter-backup.jar and try again.
Create the sh script /root/madsonic-renewal.sh as follows:
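#!/bin/sh
# Work in the acme.sh directory for this domain; stop if it is missing.
cd /root/.acme.sh/example.com/ || exit 1
# Bundle the renewed key, certificate and CA chain as PKCS12.
openssl pkcs12 -export -out madsonic.pkcs12 -inkey example.com.key -in example.com.cer -certfile ca.cer -password pass:madsonic
# Import the bundle into the Java keystore under the alias madsonic.
keytool -importkeystore -srckeystore madsonic.pkcs12 -destkeystore madsonic.keystore -srcstoretype PKCS12 -srcalias 1 -destalias madsonic -storepass madsonic -srcstorepass madsonic -noprompt
# Update the keystore inside the booter jar and restart the service.
zip -u /usr/local/madsonic/madsonic-booter.jar madsonic.keystore
service madsonic restart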
Make it executable
chmod a+x ~/madsonic-renewal.sh
Changed Certbot to acme.sh.
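A check the renewal script above could run before it updates the jar, as an added example that is not part of the original guide: it confirms that madsonic.pkcs12 really contains the certificate acme.sh issued and that the certificate is not close to expiry. The function names and the 7-day default are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original guide). Function names are hypothetical.

# SHA-256 fingerprint of the first certificate in a PEM file.
# $1 = certificate file
cert_fp() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 2>/dev/null | cut -d= -f2
}

# SHA-256 fingerprint of the leaf certificate stored in a PKCS12 bundle.
# $1 = bundle file, $2 = bundle password
p12_fp() {
    openssl pkcs12 -in "$1" -clcerts -nokeys -passin "pass:$2" 2>/dev/null |
        openssl x509 -noout -fingerprint -sha256 2>/dev/null | cut -d= -f2
}

# Succeeds only if the bundle holds exactly the given certificate and that
# certificate stays valid for at least N more days.
# $1 = certificate file, $2 = bundle file, $3 = bundle password,
# $4 = minimum days of validity left (assumed default: 7)
bundle_ok() {
    want=$(cert_fp "$1") || return 1
    have=$(p12_fp "$2" "$3") || return 1
    # An unreadable file or a wrong password leaves a fingerprint empty.
    [ -n "$want" ] && [ "$want" = "$have" ] || return 1
    openssl x509 -in "$1" -noout -checkend $(( ${4:-7} * 86400 )) >/dev/null 2>&1
}

# Usage inside /root/madsonic-renewal.sh, right after the
# "openssl pkcs12 -export" line and before keytool and zip:
#   bundle_ok example.com.cer madsonic.pkcs12 madsonic || exit 1
```

If the check fails, the script exits before keytool and zip run, so the keystore already inside madsonic-booter.jar stays in place.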