Installing Let's Encrypt SSL Certificates On Namecheap Hosting: Difference between revisions
Jump to navigation
Jump to search
| Line 10: | Line 10: | ||
=== Automated === | === Automated === | ||
<div class="alert alert-warning">TO DO: figure out if there is a way to automate renewing the certificate. Right now it seems that it requires manually entering commands into a terminal.</div> | |||
Some links that rely on `acme.sh` to renew certificates: | Some links that rely on `acme.sh` to renew certificates: | ||
| Line 15: | Line 17: | ||
* [https://github.com/Neilpang/acme.sh/wiki/Simple-guide-to-add-TLS-cert-to-cpanel Simple guide to add TLS cert to cpanel] | * [https://github.com/Neilpang/acme.sh/wiki/Simple-guide-to-add-TLS-cert-to-cpanel Simple guide to add TLS cert to cpanel] | ||
* [https://www.juliogonzalez.es/lets-encrypt-ssl-certificates-at-cpanel-without-native-support-for-example-at-namecheap/352 Let’s encrypt SSL certificates at cPanel automatically and without native support] | * [https://www.juliogonzalez.es/lets-encrypt-ssl-certificates-at-cpanel-without-native-support-for-example-at-namecheap/352 Let’s encrypt SSL certificates at cPanel automatically and without native support] | ||
=== Manually renewing === | === Manually renewing === | ||
Revision as of 18:03, 18 December 2018
Installing a certificate for the first time
This Gist has detailed instructions on how to install a Let's Encrypt SSL certificate for a web site hosted on Namecheap.
It references this Python script which conducts the challenge with Let's Encrypt that verifies control of the domain(s).
Renewing the certificate
Let's Encrypt certificates expire every 90 days.
Automated
TO DO: figure out if there is a way to automate renewing the certificate. Right now it seems that it requires manually entering commands into a terminal.
Some links that rely on acme.sh to renew certificates:
- Simple guide to add TLS cert to cpanel
- Let’s encrypt SSL certificates at cPanel automatically and without native support
Manually renewing
- SSH to the server. [1]
- Navigate to the directory containing Let's Encrypt keys and scripts, e.g.
~/letsencrypt/letsencrypt_nosudo/ - Generate a new signed certificate:
python sign_csr.py -f --public-key user.pub ./[DOMAIN]/domain.csr > ./[DOMAIN]/signed.crt
- This will first prompt for an admin email address.
- Then it will prompt for a series of commands to be entered, which create JSON files that are used by the signing script.
- Then it will prompt for a file to be installed on the server for each of the subdomains included in the certificate.
- (Those are the three steps that would need to be automated somehow.)
After verifying each of the domains, a signed certificate is created.
The certificate is installed with: [2]
crt=`cat ./[DOMAIN]/signed.crt | python urlencode.py` key=`cat ./[DOMAIN]/.key | python urlencode.py` uapi SSL install_ssl domain=[MYDOMAIN.TLD] cert="$crt" key="$key"