Questions tagged [lets-encrypt]

Let's Encrypt is a certificate authority that provides free X.509 certificates for TLS encryption.

Let's Encrypt is a certificate authority that entered public beta on December 3, 2015. It provides free X.509 certificates for Transport Layer Security (TLS) encryption via an automated process designed to eliminate the current complex process of manual creation, validation, signing, installation and renewal of certificates for secure websites.

A Python certificate management program called letsencrypt is installed on the client side (the web server of an enrollee). It is used to order the certificate, to conduct the domain validation process, to install the certificate, to configure HTTPS encryption in the HTTP server, and later to regularly renew the certificate.

After installation and agreeing to the user license, executing a single command is enough to get a valid certificate installed. Additional options like OCSP stapling or HTTP Strict Transport Security (HSTS) can also be enabled. Automatic setup initially only works with Apache and nginx.

Source: Wikipedia

822 questions
4
votes
2 answers

nginx as reverse proxy with several domains & hosts

This question has probably been asked several times, but with all results I can find and my little knowledge, I'm kind of lost. I'm using Fedora 29. What I try to do with nginx : Use one let's encrypt ssl certificate with several domain names map…
EHRETic
4
votes
1 answer

Let's Encrypt certificate to cover both wildcard subdomains and root-domain

I'm running a server under example.com domain and I have sub-domains like: a.example.com b.example.com I'm creating certificate from Let's Encrypt with zerossl online tools and I have an issue. When I generate the certificate using wildcards as…
STaefi
4
votes
1 answer

named not serving letsencrypt TXT records

Am trying to renew/create letsencrypt certs using DNS auth: certbot-auto -d xxx.it -d mail.xxx.it --manual --preferred-challenges dns certonly However, after inserting the requested records: Please deploy a DNS TXT record under the…
Alien Life Form
4
votes
2 answers

Letsencrypt renewal getting - remote error: tls: handshake failure

I'm trying to renew my letsencrypt certs and getting the following error: remote error: tls: handshake failure How do I fix this?
jackreichert
4
votes
1 answer

apache 2.4 + gitlab + letsencrypt not working

I use the following config to enable letsencrypt support on all vhosts: ProxyPass /.well-known/acme-challenge ! Alias /.well-known/acme-challenge/ /var/www/letsencrypt/.well-known/acme-challenge/
kannix
4
votes
6 answers

What are my options for moving my LetsEncrypt certificate from one server to another?

I have an ubuntu server running through Digital Ocean that has an SSH certificate that I got through LetsEncrypt. I'm trying to switch to a cheaper service, and I need to move the cert to my new server. How can I do this? It looks like I can revoke…
Kecoey
4
votes
1 answer

Let's Encrypt w/ Apache 2.4.23 on Arch Linux produces "can't connect" error

I have a fully updated Arch Linux server running Apache 2.4.23. In the past I've successfully used StartSSL to enable HTTPS on my Apache web server. But now I'd like to switch to Let's Encrypt. Using certbot standalone, I've produced these…
hpy
4
votes
1 answer

Let's Encrypt using webroot on nginx with an SSL redirect

I have a web site being served with nginx with the following requirements: Redirect all http -> https Zero-downtime Let's Encrypt certificate renewal In order to satisfy (1) I have a small http->https redirect in my nginx config. In order to…
mgalgs
4
votes
1 answer

Let's Encrypt and local puppet development

I develop Puppet manifests in a Vagrant VM. I'd like to configure an SSL-terminating webserver, but obviously Let's Encrypt verification will fail when the node is only running on my laptop. Is there a nice way to configure Puppet to use the real…
jacobbaer
4
votes
2 answers

certbot renew crashes nginx and all websites go offline

When sudo certbot renew command is run, nginx server is crashing. The error log in systemd looks like this: - The job identifier is 48862. Sep 01 11:31:52 phoenix.medialab.ntua.gr systemd[1]: nginx.service: Main process exited, code=dumped,…
user000001
4
votes
1 answer

Is Cloudflare now using Let's Encrypt certificates for edge?

I just added a new domain to Cloudflare and the edge certificate is Let's Encrypt R3, shown in control panel and by inspecting in browser when on the domain's website. My existing domains still have the regular 1-yr certs. Wonder if they'll switch…
rvh
4
votes
2 answers

Is it possible to generate a LetsEncrypt certificate for a private subdomain if the domain is public?

I have a server running on a private subdomain, server.internal.example.com example.com is public but internal.example.com is not. I've used CertBot to generate a certificate for *.example.com but if I try to expand this to include…
4
votes
2 answers

Certbot (LetsEncrypt) on custom port (Nginx OR apache)

I've found many similar questions, people asking about how-to setup SSL on different ports (other than 80/443), i.e. 1234 port. However, all answers were like use redirection or proxying requests or dns-validation (instead of http) or use…
T.Todua
4
votes
1 answer

How can I retrieve my Let's Encrypt registration's current email address?

I understand that Let's Encrypt maintains an email address as a registration and recovery contact for every "account." This email address is used to notify the owner of the certificates of upcoming expirations as well as warn of other problems with…
CODE-REaD
3
votes
2 answers

Migrating certbot/letsencrypt certificate to new server

I have a server out there that supports HTTPS using a certbot/letsencrypt certificate. I am doing a general software upgrade so to minimize risks and downtime, I'm installing new releases on a new server on which I import the live server data for…
xenoid