2017年05月27日 let's encrypt [長年日記]
_ let's encrypt
pre-requirement
- mercurial-1.8.2.tar.gz
- python-2.7.11.tar.gz
- curl-7.53.1.tar.gz (must be enabled SNI)
getssl-2.10.zip
Create default config files.
# getssl -c myh.no-ip.org
~/.getssl/getssl.cfg
CA="https://acme-v01.api.letsencrypt.org" ACCOUNT_EMAIL="m-ito@myh.no-ip.org" ACCOUNT_KEY_LENGTH=4096 ACCOUNT_KEY="/root/.getssl/account.key" PRIVATE_KEY_ALG="rsa" RENEW_ALLOW="30" SERVER_TYPE="https" CHECK_REMOTE="true"
~/.getssl/myh.no-ip.org/getssl.cfg
CA="https://acme-v01.api.letsencrypt.org"
SANS=""
ACL=('/usr/local/apache2/htdocs/.well-known/acme-challenge')
Create certificate etc.
# getssl myh.no-ip.org
Update certificate.
# getssl -u -a -q && cp `find /root/.getssl/myh.no-ip.org/archive/ -type d|tail -1`/* /root/.getssl/myh.no-ip.org/
[ツッコミを入れる]