Let’s Encrypt setup for Apache, NGINX & Node.js

LetsEncrypt.md

Let's Encrypt

Examples of getting certificates from Let's Encrypt working on Apache, NGINX and Node.js servers.

Obtain certificates

I chose to use the manual method, you have to make a file available to verify you own the domain. Follow the commands from running

git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto certonly --manual --email admin@example.com -d example.com

This creates a directory: /etc/letsencrypt/live/example.com/ containing certificate files:

• cert.pem
• chain.pem
• fullchain.pem
• privkey.pem

Node.js

var https = require('https');
var fs = require('fs');

var options = {
  key: fs.readFileSync('/etc/letsencrypt/live/example.com/privkey.pem'),
  cert: fs.readFileSync('/etc/letsencrypt/live/example.com/cert.pem'),
  ca: fs.readFileSync('/etc/letsencrypt/live/example.com/chain.pem')
};

https.createServer(options, function (req, res) {
  res.writeHead(200);
  res.end("hello world\n");
}).listen(8000);

Apache

LoadModule ssl_module libexec/apache2/mod_ssl.so
Listen 443
<VirtualHost *:443>
  ServerName example.com
  SSLEngine on
  SSLCertificateFile "/etc/letsencrypt/live/example.com/cert.pem"
  SSLCertificateKeyFile "/etc/letsencrypt/live/example.com/privkey.pem"
  SSLCertificateChainFile "/etc/letsencrypt/live/example.com/chain.pem"
</VirtualHost>

NGINX

server {
    listen              443 ssl;
    server_name         example.com;
    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
}

for node js, in case you get permission denied error.
try
sudo chmod 755 /etc/letsencrypt/live/
sudo chmod 755 /etc/letsencrypt/archive/

FYI: The python implementation of "letsencrypt" is now "certbot" and the node.js implementation is now Greenlock for Web Servers and Greenlock for API Integrations