Questions tagged [lets-encrypt]

Let's Encrypt is a certificate authority that provides free X.509 certificates for TLS encryption.

Let's Encrypt is a certificate authority that entered public beta on December 3, 2015. It provides free X.509 certificates for Transport Layer Security (TLS) encryption via an automated process designed to eliminate the current complex process of manual creation, validation, signing, installation and renewal of certificates for secure websites.

A Python certificate management program called letsencrypt is installed on the client side (the web server of an enrollee). It is used to order the certificate, to conduct the domain validation process, to install the certificate, to configure HTTPS encryption in the HTTP server, and later to regularly renew the certificate.

After installation and agreeing to the user license, executing a single command is enough to get a valid certificate installed. Additional options like OCSP stapling or HTTP Strict Transport Security (HSTS) can also be enabled. Automatic setup initially only works with Apache and nginx.

Source: Wikipedia

822 questions
5 votes, 2 answers

How to fix issues with LetsEncrypt certificate chains on Windows Server?

I've been using LetsEncrypt to generate certificates for my sites on Windows 2012 R2 server. It worked great, until recently when I renewed the certificates. LetsEncrypt made a recent change where they swapped the intermediate certificate with name…
5 votes, 3 answers

How can I use Let's Encrypt (letsencrypt.org) as a free SSL certificate provider?

I have a few sites running with a StartSSL free certificate (CJSHayward.com, JobhuntTracker.com), and Firefox rejects StartSSL and displays an error page saying that my server is not properly configured (IIRC) because of the certificate chain. I…
Christos Hayward
5 votes, 0 answers

SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking, client:

A few months ago I started getting complaints from dozens of users about getting errors when connecting to my site. When I look into the error.log of nginx I see daily SSL errors: I have no idea what could cause this issue since 99% of users are…
Michiel
5 votes, 3 answers

How do I specify a port other than 80 when adding SSL certificate using Certbot?

I have a server which runs 2 different web servers (Apache and Nginx). The Apache server takes care of all the traffic directed to WordPress sites whereas the Nginx server serves my Python API and React Web App. Due to conflicting ports with Apache,…
5 votes, 1 answer

How can I disable "Subject Alternative Name" from being included in Certbot Let's Encrypt certificates?

Using Certbot to install an R3 Let's Encrypt certificate on an nginx webserver causes all the other domains in the nginx configuration to be included under "Subject Alternative Name" on the certificate. This is undesirable for my use case. I read…
Altimus Prime
5 votes, 1 answer

Will certbot actually renew my certificate?

Looking at /etc/cron.d/certbot, I don't think it will! That file includes the line: 0 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew and, unless I'm reading it wrong,…
5 votes, 1 answer

Is the subdomain _acme-challenge protected?

I was looking into the DNS-01 challenge of Let's Encrypt, and I had a question about the subdomain process [1]. Let's say the website example.com gives away free subdomains; what stops me from requesting a Let's Encrypt wildcard certificate for…
5 votes, 2 answers

Let's Encrypt Certificate for Internal Site

I am hoping to clear up some confusion I have regarding the use of Let's Encrypt for an internal site/application. I have not been able to find this information elsewhere. I want to use Let's Encrypt paired with Certbot to allow the use of SSL on an…
Newb 4 You BB
5 votes, 1 answer

LetsEncrypt certificate for nested wildcard subdomain

I've generated a Let's Encrypt wildcard certificate for my domain *.domain.com. I thought this certificate is valid for any nested subdomain *.*.domain.com, like it.*.domain.com or fr.*.domain.com. But browsers are giving me an error, that wildcard…
Ilya Cherevkov
4 votes, 2 answers

nginx can't find /etc/letsencrypt/options-ssl-ngin.conf file

I'm trying to serve a python-django webapp using a Linux box (running Ubuntu 18.04) with nginx, gunicorn, letsencrypt and docker. After following a number of online tutorials I have been successful in serving the app via http through port 80 by…
Matt Ellis
4 votes, 1 answer

How do I use let's encrypt with an Azure Storage Static Site/Azure CDN

I am working on hosting a static site in Azure Blob Storage. With an Azure CDN it is possible to have a custom hostname and SSL, which suits my needs. I would like to use Let's Encrypt and make it renew itself. I suppose a good way to store the…
4 votes, 1 answer

Installing certbot - error - "nothing provides pyparsing"

I'm trying to set up let's encrypt on my Amazon ec2 RHEL nginx server, via the command $ sudo yum install certbot-nginx but it keeps failing: $ sudo yum install certbot-nginx Last metadata expiration check: 2:58:11 ago on Sat 17 Aug 2019 11:29:45 PM…
Mike Willis
4 votes, 1 answer

Cert not yet due for renewal ... but it's expired

I am trying to renew a wildcard let's encrypt certificate. /usr/local/bin/certbot renew Saving debug log to /var/log/letsencrypt/letsencrypt.log - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Processing…
Maxim Yefremov
4 votes, 1 answer

Let's encrypt: renew vs new, or: why renew

Might be a stupid question but: where is the difference between renewing a Let's encrypt certificate and just getting a new one? Related question and background for this question: do I need to keep the account data from certbot? As long as I can…
sc911
4 votes, 1 answer

How to make Certbot ignore a particular domain in nginx?

I have ~30 domains running on my server, all of them with SSL certificates managed by the Certbot nginx plugin. All of them, except one... let's call it selfsigned.example.com. This domain uses a self-signed certificate because it's being accessed…
Thomas