Creating and using a free SSL certificate with Let's Encrypt


#1

emergence doesn’t currently support any of the automated certbot methods, but the kernel is well-positioned to automatically create SSL certificates for all sites at creation time in the future.

For now, certbot's hidden manual mode can be used.

  1. Install certbot on your local workstation
    • On Mac: brew install certbot
  2. The rest needs to be done as root: sudo su
  3. Begin manual certificate generation sudo certbot certonly --manual
  4. Follow wizard prompts until it provides the file to upload and pauses
  5. Use emergence’s /develop interface or WebDAV protocol to create the requested public file path and paste in the provided contents
  6. Continue certificate generation
  7. Delete the verification file created in step 5
  8. Change to the indicated directory, e.g. cd /etc/letsencrypt/live/my.example.com/
  9. Follow steps 2, 4, and 6-8 of the general SSL certification guide
    • Use cert.pem as your .key file
    • Use fullchain.pem as your .crt file

#2

@chris I got an error when trying to use the cert.pem file as my .key file but the the privkey.pem worked.