<div dir="ltr">Otherwise you can instruct letsencrypt to use the existing web server to verify it instead of spinning up it's own temporary webserver. It will work if your webserver is already running SSL even with a self-signed certificate; but it will need write access to your webroot.<div><br></div><div>For example,<br>./letsencrypt-auto certonly --webwroot -w /var/www -d <domainname><br><br>It ends up making a .well-known directory to drop a small file, and drops your certificates in /etc/letsencrypt/live/<domainname>/ .</div><div><br></div><div>Chris<br><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Jan 13, 2016 at 12:56 PM, L. V. Lammert <span dir="ltr"><<a href="mailto:lvl@omnitec.net" target="_blank">lvl@omnitec.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On Tue, 12 Jan 2016, L. V. Lammert wrote:<br>
<br>
> Just tried to setup for a site, .. it turns out that the script cannot<br>
> handle a site that is *currently* encrypted [could be due to<br>
> self-signed?].<br>
><br>
> How does one setup for a site that is currently running SSL?<br>
><br>
</span>FYI, .. in case anyone runs into the same problem, to use the 'STANDALONE'<br>
Lets Encrypt plugin, one has to shut OFF Apache for a few minutes so it<br>
can verify that the hostname/IP does, indeed, resolve to the physical<br>
machine where you are running Let's Encrypt.<br>
<div class="HOEnZb"><div class="h5"><br>
Lee<br>
_______________________________________________<br>
grlug mailing list<br>
<a href="mailto:grlug@grlug.org">grlug@grlug.org</a><br>
<a href="http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug" rel="noreferrer" target="_blank">http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug</a></div></div></blockquote></div><br></div>