Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Install LetsEncrypt on Amazon AMI or CentOS
# Install LetsEncrypt
mkdir /opt/letsencrypt
git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
# Create config file for LetsEncrypt (Replace YOUR_EMAIL with... well...)
mkdir /etc/letsencrypt/
touch /etc/letsencrypt/config.ini
echo "rsa-key-size = 4096" >> /etc/letsencrypt/config.ini
echo "email = YOUR_EMAIL" >> /etc/letsencrypt/config.ini
# Run LetsEncrypt to get cert (Replace DOMAIN_NAME and WEBROOT appropriately)
# DOMAIN_NAME nuff said
# WEBROOT is the absolute path to the webroot of the domain
/opt/letsencrypt/letsencrypt-auto certonly --webroot \
-w WEBROOT \
-d www.DOMAIN_NAME \
-d DOMAIN_NAME \
--config /etc/letsencrypt/config.ini \
--agree-tos
# Let's Encrypt
SSLEngine on
SSLCertificateFile "/etc/letsencrypt/live/www.DOMAIN_NAME/fullchain.pem"
SSLCertificateKeyFile "/etc/letsencrypt/live/www.DOMAIN_NAME/privkey.pem"
# Lets Encrypt renewals (Runs twice a day)
* 3,20 * * * /opt/letsencrypt/letsencrypt-auto renew --config /etc/letsencrypt/config.ini --agree-to && /sbin/service httpd condrestart
# This is how you can configure crontab for a LigthSail instance
# Lets Encrypt renewals (Runs twice a day)
* 3,20 * * * /opt/letsencrypt/letsencrypt-auto renew --config /etc/letsencrypt/config.ini --agree-tos && /opt/bitnami/ctlscript.sh restart apache
# If you are getting: `ImportError: No module named cryptography.hazmat.bindings.openssl.binding`
# Then run:
rm -Rf /opt/eff.org
# Also append `--debug` for the initial cert request.
/opt/letsencrypt/letsencrypt-auto certonly --webroot \
-w WEBROOT \
-d www.DOMAIN_NAME \
-d DOMAIN_NAME \
--config /etc/letsencrypt/config.ini \
--agree-tos \
--debug
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.