Questions tagged [lets-encrypt]

Let's Encrypt is a certificate authority that provides free X.509 certificates for TLS encryption.

Let's Encrypt is a certificate authority that entered public beta on December 3, 2015. It provides free X.509 certificates for Transport Layer Security (TLS) encryption via an automated process designed to eliminate the current complex process of manual creation, validation, signing, installation and renewal of certificates for secure websites.

A Python certificate management program called letsencrypt is installed on the client side (the web server of an enrollee). It is used to order the certificate, to conduct the domain validation process, to install the certificate, to configure the HTTPS encryption in the HTTP server, and later to regularly renew the certificate.

After installation and agreeing to the user license, executing a single command is enough to get a valid certificate installed. Additional options like OCSP stapling or HTTP Strict Transport Security (HSTS) can also be enabled. Automatic setup initially only works with Apache and nginx.

Source: Wikipedia

822 questions
6 votes, 1 answer

SSL alert number 113

We're seeing some errors in the past few days similar to this one, in our nginx error logs: /var/log/nginx/error.log.2.gz:2017/01/30 16:11:46 [crit] 13114#13114: *139338 SSL_do_handshake() failed (SSL: error:14094459:SSL…
Simon Woodside
6 votes, 2 answers

Use Letsencrypt certificates for Postgresql

I have successfully configured Letsencrypt for my NGINX webserver on Debian 8 Jessie. Now I have installed Postgresql 9.4 and want to use the LE certificates (in /etc/letsencrypt/live/mydomain/com/...) for its SSL connection. I've set the paths to…
5 votes, 1 answer

What exactly does Let's Encrypt certbot's `enhance` command do?

Let's Encrypt certbot has a subcommand enhance that has a description "Add security enhancements to your existing configuration". The only additional information that I can find in certbot's CLI help file is: enhance: Helps to harden the TLS…
Maris B.
5 votes, 2 answers

Let's Encrypt DNS challenge with multiple public DNS providers

We use two DNS providers for redundancy. Since the DynDNS DDOS attack of 2016, I expect we are not alone in this practice. I am attempting to use the Let's Encrypt certbot with DNS challenge. Having two DNS providers seems to pose a problem. Do both…
Larry Silverman
5 votes, 2 answers

looking for a way to get certbot running on Amazon Linux 2

Amazon has a new Linux out called "Amazon Linux 2" When I try and get certbot going.... wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto ./certbot-auto gives this error Sorry, I don't know how to bootstrap Certbot on your operating…
iewebguy
5 votes, 3 answers

Certbot fails. Enable Let’s Encrypt certbot on a new server that will replace the existing production server

I have an nginx web server with an SSL certificate provided by Let’s Encrypt using Certbot. For example, this site is publicly available at https://example.com New server I’m creating a new server that will replace that existing server once…
Turgs
5 votes, 1 answer

Verify return code: 21 (unable to verify the first certificate) Lets encrypt Apache to Nginx with crontab issue

I did this https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-14-04 then switch from apache to nginx with the following…
Alexander Macleod
5 votes, 1 answer

Let's Encrypt: Why is DNS challenge static?

To my understanding, LetsEncrypt DNS verification works by setting a static TXT record into DNS (basically just a nonce) which is then checked by the LetsEncrypt servers. When I first heard about it I was pretty excited and expected something more…
5 votes, 3 answers

How to grant access to "/.well-known" directory on SVN server (Apache 2.2)

I cannot figure out how to disable authentication for the .well-known directory. Things behave as expected when I remove the SVN specific directives (DAV, SVNPath, AuthzSVNAccessFile). ServerName www.example.com DocumentRoot…
Reto Höhener
5 votes, 1 answer

Use Let's Encrypt certificate for mail server

I currently have a free StartSSL certificate for my mail server (postfix/dovecot). Of course, it works fine but Let's Encrypt certificates are easier and faster to work with. My Apache server also uses a Let's Encrypt certificate. So, if I decide to…
ABu
5 votes, 1 answer

Let's encrypt SSL certificate for new server

My domain example.com is currently pointing to a server with an alphassl certificate. I want to point this domain to my new server (by changing the nameservers) without any timeout of https. So I want to install the let's encrypt ssl certificate for…
AndiPower
5 votes, 1 answer

Let's Encrypt certbot - add a new domain to certificate

I have certbot installed and it created a certificate for a few domains that I host and that's working - I got a single certificate that covers all the domains. Now I want to add a new domain to the certificate. I saw the domain roots are listed…
Ivailo Karamanolev
5 votes, 2 answers

Reuse letsencrypt DNS challenge

With letsencrypt, certificates have to be renewed every 90 days. Every time a cert is renewed, ownership of the domains included in the cert has to be proven again. It is possible to do so by adding a _acme-challenge DNS record. Is it possible to…
Zulakis
5 votes, 1 answer

gitlab SSL configuration / certificate verification failed

I have my own gitlab server, now secured with a letsencrypt SSL certificate. Now, I want to publish some packages via packagist. But when I enter the git repository url in packagist, I got the following error message (urls changed): Uncaught…
user351324
5 votes, 3 answers

LetsEncrypt certificate renewal failure

I tried to renew the certificate of my server. The current one expired 1 month ago, but I didn't take care of it until now. I tried to use the letsencrypt-auto renew command but got a failure: Note: I changed the domain/user/server…
Dan K.