Issue Generating Cert on A Small Orange


#1

Currently, I am unable to generate the cert and key on my web host server (A Small Orange). This is on shared hosting. Whenever running the manual script, I receive the following message:
Command “python setup.py egg_info” failed with error code 1

I already know that the web host cannot update pip since this is on shared hosting. Is there any other way I can generate the cert and key for use on their server?

Thanks!


#2

You should be able to run some of the alternate clients - particularly the bash ones.


#3

Thanks for your info! I will give them a try.


#4

How do you recommend running this from the desktop? I just need the certificate and key generated, which I would then send onto my web host. I have downloaded the getssl script files; however, I did not see how to run the script from a desktop. Appreciate any help! Thanks!


#5

What is your desktop ?

if linux, then I’d run the getssl bash script ( as that will obtain the certificate and automatically upload it for you if you have SSH access )

If you can modify your DNS through an API then again the bash scripts will perform the DNS challenge for you ( that way you don’t need to upload any verification values to the server, you will just get the certs )

If windows, then it gets a little more tricky, and it depends how good you are with the CLI on windows, or if better to use an online config ( personally I’d prefer to use a linux virtualbox on your windows machine than an online system, that’s just a personal choice though - as it’s more secure, and can let you automate everything).


#6

Ok, thanks for your response. Currently, I only have access to Windows and have used Putty to SSH into my site. Using that technology, I was able to create the getssl config files. However, nothing seems to happen when running the next script, getssl mydomain.com

Should I download and install ubuntu? And if so, I assume the latest version. Or is there another linux virtualbox you would recommend? I am on a Windows 10 desktop. Thanks a lot!


#7

If you can SSH onto your site, why not use one of the bash scripts directly on your server / site ? That should enable you to create the certificate on the server, is probably the easiest solution.


#8

I could give that a try. I will see what is available. I assume you would find the bash scripts within the root directory… Thanks!


#9

There are 3 bash scripts listed in the “alternate clients

Getssl - one I wrote ( so slightly biased :wink: ) and was designed for installing certs on remote servers which wouldn’t run then official client

acme.sh - a popular base script, which is relatively constantly developed and maintained.

LetsEncrypt.sh - the first ( I think ) of all the alternate bash scripts. Another perfectly good script to use.

You can simply upload them to the server (not in the publicly accessible area) - change permissions to 700 (to allow run access ) - and run them.


#10

Great, thanks! I did upload your script, getssl into a folder I created in the root directory /home/evoluti3. I did change permission on the getssl script and ran through SSH. It did create /.getssl folder with the config files. Do I need to change anything else to generate the cert and key? When running getssl mydomain.com, nothing appears to be created. Thanks!


#11

Yes, you will need to edit the config files.

If you run "getssl -c yourdomain.com " it will create /.getssl/yourdomain.com and in that there will be a config file. Edit that to point to the correct root directory ( i.e. where your your index.html for your website would be and /.well-known/acme-challenge on the end )

you can then run “getssl yourdomain.com” and it should create the certificates for you in /.getssl/yourdomain.com/ folder


#12

Ok, I will edit that config file and run again. I will let you know if I still have any issue afterwards. Appreciate all your help!


#13

OK - there is basic help etc on https://github.com/srvrco/getssl if I’m not around ( I’m UK based, so getting late here ) … will check in the morning though.


#14

Thanks! Appreciate it! Have a good evening!


#15

Just an update. I ran the scripts; however, I am not sure if it created all the files. I checked in the .getssl/mydomain.com folder and can only see one cert (mydomain.com.crt) file. I thought there are a few files as well as keys. Could those files be anywhere else? Thanks!


#16

The files won’t be anywhere else, no. I’ll message you so that we don’t clutter up the forum here with debug info …


#17

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.