Make a note of it! This tutorial is now reaching its age (old) as Letsencrypt Certs renewing evolved to certbot! Certain things still useful, like Apache redirects but everything related to LE installatin needs to be updated. I will do when time sort it out!]
My first test of LetsEncrypt on my OS X Server was based on these instructions;
Tutorial for OS X local certificates and Shared Hosting
First I would like to give my thanks to @effg to had take the time to share his experiences on installing LetsEncrypt on his Server. First I tried to install “home brew” on my OS X Mavericks system and I ran into some issues.
- Home Brew only install through my user admin account and not as root.
If you try to install Home brew by issuing the command;
ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install102)"
as root, It will fail. But if you open an new terminal window from your OS X Admin User Account, it will install just fine.
There are some dependencies you should be aware:
a. Install Git First
b. Install Xcode Tools
root# xcode-select --install
c. Install Pip
How do I install pip on macOS or OS X?
python, osx, pip, install
asked by The System on 08:44AM - 24 Jun 13
d. Install virtualenv
$ sudo pip install virtualenv virtualenvwrapper
Seems like a lot to start but I read a lot information and just followed the links.
Now you are ready to install LetsEncrypt;
Begin with installing Let’s Encrypt via Terminal:
$ git clone https://github.com/letsencrypt/letsencrypt206
You must have “python” installed correct in your system because you will need it to generate and validate your certificates following these instructions. ( Home Brew will do that for you and that is the reason you need to install Home Brew first )
After installation, obtaining your certificates goes as follow:
Now you begin with creating the certificates locally by defining key size and the domains:
./letsencrypt-auto certonly -a manual --rsa-key-size 4096 -d domain.com -d www.domain.com32
I found this part a little hard because It gets to a point you have to stop and validate your certificate; (steps)
840x529 92.7 KB
830x524 7.47 KB
830x524 13.7 KB
830x524 14 KB
830x524 25.8 KB
Stop right here!
Now, you must have access to your domain.com web server root directory to create these folders;
mkdir -p .well-known/acme-challenge
After the creation of these folders you will have to open a root terminal window;
830x524 44.6 KB
Here is the problem to many people. To validate the domain you need to create two files inside of the /acme-challenge/ folder.
Log as root;
The name of the file is the first code on the picture; example;
z8HGS1t… —> finish with TmQy_M
inside of the file you must have the code that starts with
z8HGS1TBIE2s0Oau-o16… —> finish with THLKOHHJmHQI
(sorry, I got in a worry and I did not want to write the whole code here, but I am sure you will figure that out)
They are going to ask you to do that twice so you must have two files with the code inside your .well-known/acme-challenge/ directory.
Believe me, pay attention, this is not that easy!
One easy way to create the files is to open the terminal as root and cd to .well-known/acme-challenge/ directory
Then you use the nano editor.
[server root] # well-known/acme-challenge/…( code for title goes here)
inside of the file put the other code here…
then Control o to save, return and Control x to get out of the nano editor.
Ok, I hope you got this in the end;
830x524 53.6 KB
Ok, Now you have your certificates and they are located on the /etc/letsencrypt/ directory!
Next, you will have to install and configure your certificates together with your Apache Server