Tutorial: Let’s encrypt

The public beta of Let’s encrypt just started. This lets you easily install SSL certificates on your apache or nginx server or get some for your mail server.

Offical Homepage

To use letsencrypt on your linux server, you just have to download the opensource tool from github or clone the repository and simply run the script.

 

General steps

sudo apt-get install git
git clone https://github.com/letsencrypt/letsencrypt.git
cd letsencrypt

This downloads the needed files to your system and enters the specific folder.

 

Configuration for Apache / Nginx

Configure your webserver (Apache / Nginx) for use with your wanted sites, e.g. www.example.com and webmail.example.com.

Then just type

./letsencrypt-auto

to run the configuration wizard. It lets you select some of your configured domains and updates the apache / nginx configuration to use the newly downloaded certificates.

 

Certification for use with Mail-Server or other applications

To get SSL-certificates for other domains / in standalone mode, you can use the downloaded tool, too. You can request one certificate for several domain names, e.g. mail.example.com, smtp.example.com and imap.example.com. Each domain you want to get a certificate for can be added with the parameter -d for ./letsencrypt-auto certonly –standalone. In our example you have to call

./letsencrypt-auto certonly --standalone -d mail.example.com -d imap.example.com -d smtp.example.com

Your certificates will be stored at /etc/letsencrypt/live/{domain}/ and can be included in your mailserver configuration.

Leave a Reply

Your email address will not be published. Required fields are marked *