Tutorial for OS X local certificates and Shared Hosting


I renamed it via the terminal. Tried again…it was recreated…but it still fails.


Odd. I found this but doesnt help, just said changed a setting on the host fixed the issue: https://stackoverflow.com/questions/25677169/eof-while-reading-packet-connection-failed

Could you contact your support telling them EOF issue? It just doesn’t make any sense. I remember having this issue before myself on my vps, and I dont remember the fix.


I have asked my web host (arvixe)…I will see what they say. I am now remembering that the --debug mode I needed (per above) may have changed some permissions on my system…I just do not remember what it did since it scrolled by so fast.

Unable to import libaugeas! on OSX El Capitan

This command fails for me on Yosemite. I have Xcode.
It says Failed building wheel for cffi
Command "/Users/me/.local/share/letsencrypt/bin/python2.7 -c "import setuptools… failed with error code 1 in /private/var/folders/5r/77hy8f_14y1_c9vkzkj5k2i40000gn/T/pip-build-6UUdnc/cffi


It’s possible that libffi is missing. It can be installed manually. But before you go ahead, ask the #letsencrypt IRC channel here: https://webchat.freenode.net


Yep. Doing “brew install libffi” fixed it. Now the curses based UI runs.
However shared hosting remains a problem.
I installed the files on the server that the curses UI says to, in .well-known/acme-challenge, but after that it crashes.
I’m analyzing the Javascript option now i.e. this: gethttpsforfree


Hi guys. I was able to generate the certificate for my domain using this tutorial. However, when importing it to my hosting provider (mediatemple), it says, “Error: the key is invalid.”

I copy/pasted the key as-is from privkey1.pem

I even recreated the certificate to get a new key, cert, and chain, but I’m still getting the invalid key error when trying to import the certificate. What am I doing wrong? Please help!


are you doing a file import ? or pasting it into the hosts control panel ?

is pasting make sure you include the -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- lines, but no additional blank lines ( although I have seen one control panel that needed a single blank line at the end )


I’m pasting it, together with -----BEGIN PRIVATE KEY----- and -----END PRIVATE KEY-----

I’ve changed it to -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY-----

I’ve also tried adding a blank line at the end.

Still getting Error: The Key is invalid.


Just a quick check … is the private key valid ?

openssl rsa -in private.key -check

should give you an OK (or not) at the top.


I entered the following in terminal: openssl rss -in privkey1.pem -check

It showed:

RSA key ok
writing RSA key

followed by the key

it looked different than viewing the key from the privkey1.pm file

I copy/pasted the key that showed after the openssl command, now it’s working. Certificate imported successfully. Thank you!


This method worked fine for me after a few attempts but when I uploaded my Certificate and Key, I had to do a Certificate Signing Request through my host and it all seemed to go fine but when I go to the site I get:

This site can’t provide a secure connection

www.XXXXXXX.com sent an invalid response.

The host thinks it’s a certificate error.

Has anyone seen this when generating your cert with this method?



I ran into problems on the third step “Now you begin with creating the certificates locally by defining key size and the domains:./letsencrypt-auto --debug cetonly -a manual -rsa-key-size 4096 -d [domain] -d www.[domain]

Using Mac OS El Capitan.

Got the following errors:

/System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/rubygems/core_ext/kernel_require.rb:55:inrequire’: cannot load such file – mach (LoadError)
from /System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/rubygems/core_ext/kernel_require.rb:55:in require' from /usr/local/Library/Homebrew/extend/pathname.rb:2:in<top (required)>'
from /System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/rubygems/core_ext/kernel_require.rb:55:in require' from /System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/rubygems/core_ext/kernel_require.rb:55:inrequire’
from /usr/local/Library/Homebrew/global.rb:3:in <top (required)>' from /System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/rubygems/core_ext/kernel_require.rb:55:inrequire’
from /System/Library/Frameworks/Ruby.framework/Versions/2.0/usr/lib/ruby/2.0.0/rubygems/core_ext/kernel_require.rb:55:in require' from /usr/local/Library/brew.rb:15:in'`

Does anyone know what this is all about?


step 3 didn’t work for me
I using ubuntu
in letsencrypt I run this comand
./letsencrypt-auto certonly -a manual --rsa-key-size 4096 -d yourdomain.com -d www.yourdomain.com
but didn’t work display error letsencrypt-auto: command not found
can anyone help


You are replying to an old thread about OSX (lots has changed since then) and you are running ubuntu (not OSX). I’d suggest ideally starting a new thread with your issue.

Alternatively, if you don’t want to start a new thread, please tell us about your system, how you installed certbot / letsencrypt etc.


actualy I have intall SSL with shared hosting website
I follow this article


So what specific issue do you have ? and what commands di you run in order to get there ?


tried this on both windows(my pc) & ubuntu(aws ubuntu server)
step1 - run command
git clone https://github.com/letsencrypt/letsencrypt
done successful

step 2 - run command
letsencrypt certonly --manual --email admin@example.com -d example.com -d www.example.com
with my domain name
but didn’t work display error
letsencrypt-auto: command not found


If you have done a git clone, then you need to change into the letsencrypt directory ( cd letsencrypt )
Then include the path in front of the command ( ./letsencrypt certonly … on linux )


Hey, thanks for this great article. I wanted to tell you I created a french tutorial based on this one at https://mikaoelitiana.name/fr/creer-certificat-ssl-lets-encrypt-hebergement-partage/