Questions tagged [lets-encrypt]

Let's Encrypt is a certificate authority that provides free X.509 certificates for TLS encryption.

Let's Encrypt is a certificate authority that entered public beta on December 3, 2015. It provides free X.509 certificates for Transport Layer Security (TLS) encryption via an automated process designed to eliminate the current complex process of manual creation, validation, signing, installation and renewal of certificates for secure websites.

A Python certificate management program called letsencrypt is installed on the client side (the web server of an enrollee). It is used to order the certificate, to conduct the domain validation process, to install the certificate, to configure the HTTPS encryption in the HTTP server, and later to regularly renew the certificate.

After installation and agreeing to the user license, executing a single command is enough to get a valid certificate installed. Additional options like OCSP stapling or HTTP Strict Transport Security (HSTS) can also be enabled. Automatic setup initially only works with Apache and nginx.

Source: Wikipedia

822 questions
3 votes, 2 answers

How to setup a website with multiple sub-domains but one canonical domain

I want to serve a website via https://the.example.com (thus with a non-standard sub-domain), but the same website should also be entered with https://example.com and https://www.example.com (+the http counterparts). So if you type…
doekman
3 votes, 1 answer

Nginx when using variable in ssl_certificate path get permissions error

In the Nginx configuration, trying to load ssl_certificate dynamically but using $ssl_server_name variable ssl_certificate /etc/letsencrypt/live/$ssl_server_name/fullchain.pem; ssl_certificate_key…
Mezbah
3 votes, 4 answers

Website suddenly doesn't open in Safari and iOS devices

I have this website that was working fine until recently. Now users are reporting that it's not opening on their iPhones and iPads. Doesn't matter what browser you try on iOS, it just won't work. Also it doesn't open in Safari when browsed on a Mac…
xperator
3 votes, 0 answers

How to return a string with 200 code with Apache 2.4

I'm trying to convert this nginx configuration block to Apache 2.4: http { ... server { ... location ~ ^/\.well-known/acme-challenge/([-_a-zA-Z0-9]+)$ { default_type text/plain; return 200 "$1.6fXAG9VyG0IahirPEU2ZerUtItW2DHzDzD9wZaEKpqd"; …
Vinícius Ferrão
3 votes, 1 answer

nginx config using variable in ssl_certificate path throws permissions error

The nginx configuration server block: localhost:/etc/nginx$ cat nginx.conf | grep -B 3 -A 6 '$ssl_server_name' server { listen 443 ssl http2 default_server; ssl_certificate /etc/letsencrypt/live/$ssl_server_name/fullchain.pem; …
vy218
3 votes, 1 answer

Overriding nginx deny rule for acme related block

I have the following nginx server config: server { ... location / { # First attempt to serve request as file, then # as directory, then fall back to proxy. try_files /maintenance.php $uri @proxyPass; } …
Index
3 votes, 4 answers

Terminating SSL at Cloudflare level. Do I get performance gains?

I saw in a post that terminating SSL at Cloudflare level and HTTP only traffic from Cloudflare to origin gives a performance boost since SSL is negotiated only at the edge. I run a website (mostly static) where security is not a paranoid concern.…
Quintin Par
3 votes, 2 answers

Export client certificate from Let's Encrypt certificates

I'm running Debian and have certbot for creating Let's Encrypt certificate. I act as a client towards a TLS server, and need to hand over my client certificate for approval. I've got the following files generated by…
Alfred Balle
3 votes, 1 answer

Using Let's Encrypt Wildcard Certificate on Multiple Servers

I have a series of subdomains that are a part of a root domain I manage. I have set up certbot on one of these domains: x.example.com and it is successfully using the certificate and renewing it automagically. I now want to create a new subdomain y…
Steve
3 votes, 1 answer

How to auto-renew LetsEncrypt Certs with a Dockerized Instance of Apache?

We have some dockerized PHP applications with custom docker images so that the PHP mail() function actually works. When we build the images, we are COPYing the certs into the image at build time. This works great... for 90 days. In order to renew,…
DrDamnit
3 votes, 2 answers

lighttpd proxy all except .well-known for letsencrypt

I want to configure lighttpd to accept requests from the letsencrypt service for cert renewal, but I have problems with the configuration because it's used as a proxy server, so my /.well-known is not available using HTTPS. Config files below. Any…
TarasH
3 votes, 1 answer

SSL error with LetsEncrypt and Nginx

I configured my Nginx server with certbot and LetsEncrypt. The OS is Ubuntu 16.04 and there were no errors in the process, but when I access it from a browser it shows these errors: In Firefox: Secure Connection Failed An error occurred during a…
Ali Azin
3 votes, 1 answer

SSL Permission Error: Node.js with HTTPS + Let's Encrypt SSL + Apache + Non-Root User

I have a Node.js server set up and I am trying to use HTTPS with my Let's Encrypt certificate on Apache. Here is the relevant code I have set up: var fs = require('fs'), https = require('https'), express = require('express'), options = { key:…
peppy
3 votes, 1 answer

nginx certbot certificate www and non-www

I haven't really wrapped my head around how to create (working) certificates using certbot for nginx. My sites-enables now look like this: First, a block for the www domain with SSL. All the SSL stuff is created by certbot. server { root … index ……
3 votes, 1 answer

How do I fix this: Client auth is required but no trust anchors found in: /var/lib/neo4j/certificates/default/trusted

I've been trying to configure SSL for a Neo4j server per their documentation. To this end I have created the following directory structure. /var/lib/neo4j/certificates# ls -lR .: total 12 drwxr-xr-x 4 neo4j neo4j 4096 Dec 20 17:12 default -rw-------…
Anirudh