Taken from https://mediatemple.net/community/products/grid/208603976/install-a-let's-encrypt-ssl
-
Account Email: info@diglib.org
-
Account Public Key:
cd ~/ssl/ && openssl rsa -in account.key -pubout
-
Step 2: Certificate Signing Request Run
generate_csr.sh
and paste the output to the terminal. Take that output and put it in the web form.openssl req -new -sha256 -key www.diglib.org.key -subj "/" -reqexts SAN -config <(cat /etc/ssl/openssl.cnf <(printf "[SAN]\nsubjectAltName=DNS:www.diglib.org,DNS:diglib.org"))
This is needed to get both
www.diglib.org
anddiglib.org
. -
Run the rest of the commands for the API requests
-
Put the files it wants to read in
~/domains/diglib.org/html/.well-known/acme-challenge
with the key output in the file (echo serve-this-content > ~/domains/diglib.org/html/.well-known/acme-challenge/filename
). -
Check that the URL works...
-
Keep going with the copy-n-pasting fields
-
When you're done, paste in the CSR, key, and chain certificates...
If everything goes well, it'll say it was imported