Table of Contents

certificates - letsencrypt

LetsEncrypt provides free SSL certs that you renew every few weeks.

It strongly suggests python27, so for CentOS, you'll need to use SCL or some other option.

Setup

  1. install packages:
    yum install centos-release-SCL
    yum install git python27 openssl-devel
    yum install gcc libffi-devel openssl-devel
  2. clone repo:
    git clone https://github.com/letsencrypt/letsencrypt
  3. new get letsencrypt to install itself:
    # scl enable python27 './letsencrypt-auto --help'
  4. some examples (YMMV - read the letsencrypt docs for specifics on the different certification renewal/request options):
    # scl enable python27 './letsencrypt-auto certonly --webroot -w /path/site1/htdocs/ -d site1.net,www.site1.net'
    # scl enable python27 './letsencrypt-auto certonly --webroot -w /path/site2/htdocs/ -d site2.com,www.site2.com -w /lamp/sub.site2/htdocs/ -d sub.site2.com'

Cron

Reference