I’m posting this for inspiration to those of you who are having difficulty creating certs, as I first did, and as Windows user here’s the relatively easiest path I discovered:
Obvious prerequisites:
- Your website has a dedicated IP
- You have SSH access to your web server (https://en.wikipedia.org/wiki/Secure_Shell)
What I did:
-
Installed VirtualBox on my Windows 10 desktop (https://www.virtualbox.org/) - this enables you to create a computer within your computer.
-
I then installed Linux Mint 17.3 on my VirtualBox (http://www.instructables.com/id/How-to-install-Linux-on-your-Windows/). So now, on my Windows PC, I am simultaneously running Linux, just like if you have an Excel spreadsheet or Word doc open at the same time.
-
Installed PuTTy SSH.Telnet client (http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html), for SSH access to my webhost.
-
Since I was using PuTTY on Windows to access my webhost, I needed to change a setting in VirtualBox: Settings > General > Advanced: make sure Shared Clipboard is set to Bidirectional.
-
Now, after firing up VirtualBox and launching Linux, I’m able to cut and paste to any of my Windows apps like Notepad, PuTTY, etc.
-
Then I go to work in Linux: From the menu I launch Terminal, and this is where I install Git and clone Letsencrypt (see https://letsencrypt.org/howitworks/). What’s nice here is if you type a command it can’t execute, it provides helpful hints. For example, I hadn’t installed Git when I tried to clone LetsEncrypt, and was provided the command to install Git. Brilliant.
-
Then, since I decided to generate my certs manually, I followed the fine tutorial for OS X: https://community.letsencrypt.org/t/tutorial-for-os-x-local-certificates-and-shared-hosting/
What I found particularly useful was being able to cut-and-paste from my VirtualBox/Linux/Terminal window into my Windows PuTTY SSH session with my webhost. You really need to be able to cut/paste those lengthy alphanumeric strings regarding the domain verification steps.
While I do have a programming background, it’s been years since I’ve done command-line Linux commands and I’ve rarely needed to SSH into my webhost account, but even if you’ve never done it before, however unnerving, it’s not so bad. You aren’t going to crash your web server.
Once my certs were generated I had to work with the tech support folks at SiteGround to install them ($30 fee), since users aren’t authorized to do so, but they installed them within 10 minutes. I suspect when LE moves out of beta and adoption grows, we’ll be able to install the certs for free at webhosts that don’t already allow access.
Anyway, just wanted to share my steps to success as I know this can be a brutal process if you’re new to Linux, SSH, etc.
And thank you, LE Community! Can’t wait till free SSL is a right instead of a privilege.
Cheers,
George
