certbot

• Nginx Proxy SSL Verification

Install certbot

• Install LetsEncrypt in CentOS 7
• LetsEncrypt Windows

Certbot commands

• Delete LetsEncrypt SSL certficate
• List all letsencrypt certificates
• Change Email address of LetsEncrypt SSL
• Certbot Remove a Domain Name from SSL Certficate

Certbot SSL for Applications

• Enable LetsEncrypt SSL in ISPConfig
• LetsEncrypt SSL On Nginx Password Protected site
• LetsEncrypt SSL On Apache Password Protected site

Install certbot

wget https://raw.githubusercontent.com/serverok/server-setup/master/install/letsencrypt.sh
bash letsencrypt.sh

OR

cd /usr/bin
wget https://dl.eff.org/certbot-auto
chmod a+x /usr/bin/certbot-auto
mv /usr/bin/certbot-auto /usr/bin/certbot

Install SSL certificate on Apache

certbot --authenticator webroot --webroot-path PATH_TO_DOC_ROOT_HERE --installer apache --agree-tos --no-eff-email --email [email protected] -d YOUR-DOMAIN.EXT -d www.YOUR-DOMAIN.EXT

On Nginx

certbot --authenticator webroot --webroot-path PATH_TO_DOC_ROOT_HERE --installer nginx --agree-tos  --no-eff-email --email [email protected] -d YOUR-DOMAIN.EXT -d www.YOUR-DOMAIN.EXT

This will stop web server. Generate SSL, then start web server.

Getting SSL with out installing

certbot certonly --authenticator webroot --webroot-path PATH_TO_DOC_ROOT_HERE --agree-tos --email [email protected] -d YOUR-DOMAIN.EXT

Getting SSL with out web server

Domain should be pointed to the server IP and IP should be public to generate SSL. Run the following command.

certbot certonly --standalone --agree-tos --no-eff-email --email [email protected] -d YOUR-DOMAIN.EXT

Auto Renew SSL Certificate

Set the following cronjob to auto-renew SSL

crontab -e

Add

@weekly /usr/bin/certbot renew > /var/log/le-renew.log 2>&1

List All SSL

certbot certificates

Change the Email Associated with the account

certbot register --update-registration --email YOUR_EMAIL_HERE

Search for LetsEncrypt SSL status

https://crt.sh

LetsEncrypt Renewal file