[GRLUG] LetsEncrypt for current SSL site
Chris Wieringa
chris at wieringafamily.com
Fri Jan 15 11:27:24 EST 2016
Otherwise you can instruct letsencrypt to use the existing web server to
verify it instead of spinning up it's own temporary webserver. It will
work if your webserver is already running SSL even with a self-signed
certificate; but it will need write access to your webroot.
For example,
./letsencrypt-auto certonly --webwroot -w /var/www -d <domainname>
It ends up making a .well-known directory to drop a small file, and drops
your certificates in /etc/letsencrypt/live/<domainname>/ .
Chris
On Wed, Jan 13, 2016 at 12:56 PM, L. V. Lammert <lvl at omnitec.net> wrote:
> On Tue, 12 Jan 2016, L. V. Lammert wrote:
>
> > Just tried to setup for a site, .. it turns out that the script cannot
> > handle a site that is *currently* encrypted [could be due to
> > self-signed?].
> >
> > How does one setup for a site that is currently running SSL?
> >
> FYI, .. in case anyone runs into the same problem, to use the 'STANDALONE'
> Lets Encrypt plugin, one has to shut OFF Apache for a few minutes so it
> can verify that the hostname/IP does, indeed, resolve to the physical
> machine where you are running Let's Encrypt.
>
> Lee
> _______________________________________________
> grlug mailing list
> grlug at grlug.org
> http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shinobu.grlug.org/pipermail/grlug/attachments/20160115/174335f9/attachment.html>
More information about the grlug
mailing list