Last active
September 23, 2019 15:53
-
-
Save jpSimkins/e2ca698f62785479441d4d26bc28330e to your computer and use it in GitHub Desktop.
Install LetsEncrypt on Amazon AMI or CentOS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Install LetsEncrypt | |
| mkdir /opt/letsencrypt | |
| git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt | |
| # Create config file for LetsEncrypt (Replace YOUR_EMAIL with... well...) | |
| mkdir /etc/letsencrypt/ | |
| touch /etc/letsencrypt/config.ini | |
| echo "rsa-key-size = 4096" >> /etc/letsencrypt/config.ini | |
| echo "email = YOUR_EMAIL" >> /etc/letsencrypt/config.ini | |
| # Run LetsEncrypt to get cert (Replace DOMAIN_NAME and WEBROOT appropriately) | |
| # DOMAIN_NAME nuff said | |
| # WEBROOT is the absolute path to the webroot of the domain | |
| /opt/letsencrypt/letsencrypt-auto certonly --webroot \ | |
| -w WEBROOT \ | |
| -d www.DOMAIN_NAME \ | |
| -d DOMAIN_NAME \ | |
| --config /etc/letsencrypt/config.ini \ | |
| --agree-tos |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Let's Encrypt | |
| SSLEngine on | |
| SSLCertificateFile "/etc/letsencrypt/live/www.DOMAIN_NAME/fullchain.pem" | |
| SSLCertificateKeyFile "/etc/letsencrypt/live/www.DOMAIN_NAME/privkey.pem" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Lets Encrypt renewals (Runs twice a day) | |
| * 3,20 * * * /opt/letsencrypt/letsencrypt-auto renew --config /etc/letsencrypt/config.ini --agree-to && /sbin/service httpd condrestart |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is how you can configure crontab for a LigthSail instance | |
| # Lets Encrypt renewals (Runs twice a day) | |
| * 3,20 * * * /opt/letsencrypt/letsencrypt-auto renew --config /etc/letsencrypt/config.ini --agree-tos && /opt/bitnami/ctlscript.sh restart apache |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # If you are getting: `ImportError: No module named cryptography.hazmat.bindings.openssl.binding` | |
| # Then run: | |
| rm -Rf /opt/eff.org | |
| # Also append `--debug` for the initial cert request. | |
| /opt/letsencrypt/letsencrypt-auto certonly --webroot \ | |
| -w WEBROOT \ | |
| -d www.DOMAIN_NAME \ | |
| -d DOMAIN_NAME \ | |
| --config /etc/letsencrypt/config.ini \ | |
| --agree-tos \ | |
| --debug | |
| # To fix the error: | |
| # - The 'virtualenv==15.1.0' distribution was not found and is required by the application | |
| # This should resolve any verison, not just 15.1.0 | |
| # Remove current virtualenv and use easy install to fix it | |
| sudo rm -rd /usr/bin/virtualenv* | |
| sudo /usr/bin/easy_install virtualenv | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment