Wireless Army
This is a blog / tips and tricks website for web developers and security researchers.
follow us in feedly


5 things you need to know before using letsencrypt
by admin
 at 2018-02-26 09:18:00.

In this scenario we will use Letsencrypt for apache. But you can use it as a standalone version or with nginx.
first you need to download it in the first place:

git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt

let’s encrypt has made security for websites so much easier but still there are few things that you might like to know when using it.

1 it doesn't work with more than one virtual host per file

all you have to do is cut and past the other virtual hosts in a new file and then

a2ensite one.example.com
a2ensite two.example.com
service apache2 reload

 

2 specify rsa key size

the default rsa key size for letsencrypt is 2048 but if you wish to change it you can do so with this option --rsa-key-size 4096

 

3 setup automatic renewing with the following like

--renew-by-default

4 specify domains and subdomains

you can do so with -d but if you will only use example.com please add www.example.com also so you won't get any confusion by certification validators

5 update letsencrypt

cd letsencypt
git pull

 

an example command:

./letsencrypt-auto --apache --rsa-key-size 4096 -d example.com -d www.example.com -d one.theproject1.com -d two.theproject1.com --renew-by-default

 

You can verify the status of your SSL certificate with the following link

https://www.ssllabs.com/ssltest/analyze.html?d=example.com&latest

also note that you can only generate 5 certifications per week and this tutorial help you avoid some mistakes so you wouldn’t need to use all 5 of them in 30 minutes because of simple errors.