Go ahead. Chuckle. Actually not THAT beginner, but stuck.
I’m in the midst of a moderate learning curve, transitioning from shared hosting to AWS. Right now dealing with one very small Joomla site that seems to be working fine after having been transferred over to AWS. It seemed like a good place to take a stab at adding a LE certificate.
I mean, how hard can it be?
As far as LE, I started with the https://letsencrypt.org/getting-started/ page, and ran into a brick wall! (see here for more discussion on that)
After the requisite round of Googling, and after much trial and error, mixing bits and pieces of suggested CLI stuff from various allegedly complete “how-to” pages, I have four .pem files in place under etc/letsencrypt/live/{mydomain}/
cert.pem chain.pem fullchain.pem privkey.pem
It’s my understanding that there now needs to be another step to make this whole thing work (with apache?), and then one more to set up autorenewal. (cron?) And that is where I’m stalled.
Everything that I’ve tried, and honestly I’ve lost track of much of it, has failed to move things ahead.
Assuming I’m using CLI, exactly what command should I do next, and where in the whole directory structure should I be when I do it? ( yes, I still sometimes get a bit lost when wandering around looking for stuff.)
I feel like I’m about half way there, and would be delighted to figure out the last couple of steps.
Followup: Returned to one of the pages I found yesterday. Just tried:
/opt/letsencrypt/letsencrypt-auto renew --config /etc/letsencrypt/config.ini --agree-tos && apachectl graceful and got:
letsencrypt: error: File not found: /etc/letsencrypt/config.ini
Followup #2: Tried
echo “rsa-key-size = 4096” >> /etc/letsencrypt/config.ini
And it has created the config.ini file. The renew command now works.
I swear I ran that yesterday and it did nothing.
Followup #3: Based on this Amazon tutorial I did these:
sudo yum install -y mod24_ssl
sudo service httpd restart
Which seem to have done what they say. Still haven’t found the missing link.