Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [lets-encrypt]

Let's Encrypt is a certificate authority that provides free X.509 certificates for TLS encryption.

Let's Encrypt is a certificate authority that entered public beta on December 3, 2015 that provides free X.509 certificates for Transport Layer Security encryption (TLS) via an automated process designed to eliminate the current complex process of manual creation, validation, signing, installation and renewal of certificates for secure websites.

An Python certificate management program called letsencrypt gets installed on the client side (the web server of an enrollee). This is used to order the certificate, to conduct the domain validation process, to install the certificate, to configure the HTTPS encryption in the HTTP server, and later to regularly renew the certificate.

After installation and agreeing to the user license, executing a single command is enough to get a valid certificate installed. Additional options like OCSP stapling or HTTP Strict Transport Security (HSTS) can also be enabled. Automatic setup initially only works with Apache and nginx.

Source: Wikiepdia

822 questions
0
votes
1 answer

Unable to verify my domain for letsencrypt

I can't understand how to verify my domain for letsencrypt. $ ./letsencrypt-auto certonly -a webroot --webroot-path=/home/my_user1/my_domain -d my_domain.com -d www.my_domain.com Requesting root privileges to run certbot... …
Johshi
  • 113
  • 1
  • 5
0
votes
1 answer

Nginx SNI and Letsencrypt on FreeBSD; Wrong certificate?

I have a VPS with 14 domains and I setup letskencrypt to automatically retrieve a separate certificate for each domain with all sub-domains included. So, I have 14 certs. Obviously, putting all domains in one cert is not an option because soon I'll…
Mamadou Babaei
  • 11
  • 4
0
votes
2 answers

How can I get my ELB to connect via SSL to an app running on a custom port?

Hi – I'm a beginner with SSL/HTTPS so apologies if my terminology/understanding here are limited. I'm running a NodeJS app which is a proxy server for multiple other servers (it's a simple load balancer, following the code in this article). The Node…
Matt Andrews
  • 225
  • 2
  • 7
0
votes
2 answers

cannot run certbot on ubuntu 14 server for lets encrypt

I already had let's encrypt on an ubuntu server (python v2.7.6) but it is no longer running complaining that I am using an old client. I downloaded the certbot client for ubuntu 14 but when I run the following command, I get the error copied below…
ali haider
  • 1,140
  • 3
  • 16
  • 29
0
votes
1 answer

"SSL_ERROR_INTERNAL_ERROR_ALERT" Using Let's Encrypt & Nginx

I've been running my Nginx web server for almost a week and all of the sudden, it started throwing this error (using HTTPS only) & redirecting to /defaultsite when using HTTP. The website link is https://leakkiller.com, if you want to see what…
Nhabbott
  • 11
  • 4
0
votes
1 answer

apache2 rewrite configuration not working

I have a file www.example.org.conf that I want to redirect http to https. The problem is the file doesn't exactly work right. ServerName example.org ServerAlias www.example.org DocumentRoot…
Brandon Nguyen
  • 85
  • 2
  • 9
0
votes
0 answers

Could I have a postmortem on a bumpy update with Let's Encrypt?

I asked a question earlier about Let's Encrypt details at How can I use Let's Encrypt (letsencrypt.org) as a free SSL certificate provider?, and @warren answered, saying: I have written a pair of how-tos for running Let's Encrypt SSL certs on…
Christos Hayward
  • 1,162
  • 3
  • 16
  • 35
0
votes
1 answer

letsencrypt has stopped auto renewing

I set up my letsencrypt certs at the beginning of this year and all was working fine - they've all auto renewed with a crontab job at least once in that time. I originally used this walkthrough to set them up:…
Nathan Hornby
  • 101
  • 3
0
votes
1 answer

Letsencrypt and SRV records

I have the following setup: A Domain example.com 2 Servers: server1.example.com and server2.example.com I would like to use srv records to have expressive domain names for each of my services. For example ssh.server1.example.com and…
Mohammed Ajil
  • 13
  • 1
0
votes
1 answer

Can't set up Let's Encrypt certificate with Apache 2.4, "invalid response" according to Chrome

I'm trying to set up Let's Encrypt certificates on my server, but so far everything that can go wrong has gone wrong. I downloaded the certificates without having the script mess with my Apache config files, so it's up to me to manually mess with…
Peter W.
  • 101
  • 4
0
votes
1 answer

Are nodejs apps with proxy that has SSL certificate still secure?

I wrote a node.js app to deal with processing forms on a business's website. These forms can contain sensitive information so I knew it needed an SSL certificate. Since I didn't want to serve my node app from port 80, I used Apache to proxy it from…
cmelone
  • 33
  • 1
  • 5
0
votes
1 answer

Let's encrypt allows only one vhost per file on ubuntu/apache

Currently I am trying to set up let's encrypt on my Ubuntu 16.04 server. I am using Apache 2.4.18 as my webserver and also passenger. I am using the following command to generate my certs and to configure the apache files: letsencrypt -d…
0lli.rocks
  • 101
  • 1
0
votes
1 answer

SSL on some virtualhosts complains about wrong domain name

So I recently ran into this problem and want to describe the issue and the solution here: I have several virtualhosts on a httpd server and started to install letsencrypt SSL certificates on it via the certbot-auto tool. This was working fine…
uncovery
  • 305
  • 5
  • 14
0
votes
1 answer

Disabled RC4 and SSL v3 with existing cert from letsencrypt

I can renew a cert like this: certbot-auto renew --apache but what parameters do I pass when I want to disable the less secure RC4 and SSL v3? I would assume the information I need is here, but I can't see…
Sarke
  • 411
  • 1
  • 5
  • 12
0
votes
0 answers

Certbot - SSL: unknown protocol error

We are trying to install and use Certbot. We have installed it and we tried to install one certificate (for https://www.tuxx.cn/), but this gives the following error when using Mozilla Firefox: SSL_ERROR_RX_RECORD_TOO_LONG Using Curl, we also get an…
www.data-blogger.com
  • 201
  • 1
  • 3
  • 10
1 2 3
54 55