Examples of getting certificates from Let's Encrypt working on Apache, NGINX and Node.js servers.
I chose to use the manual method, you have to make a file available to verify you own the domain. Follow the commands from running
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt
./letsencrypt-auto certonly --manual --email [email protected] -d example.comThis creates a directory: /etc/letsencrypt/live/example.com/ containing certificate files:
- cert.pem
- chain.pem
- fullchain.pem
- privkey.pem
var https = require('https');
var fs = require('fs');
var options = {
key: fs.readFileSync('/etc/letsencrypt/live/example.com/privkey.pem'),
cert: fs.readFileSync('/etc/letsencrypt/live/example.com/cert.pem'),
ca: fs.readFileSync('/etc/letsencrypt/live/example.com/chain.pem')
};
https.createServer(options, function (req, res) {
res.writeHead(200);
res.end("hello world\n");
}).listen(8000);LoadModule ssl_module libexec/apache2/mod_ssl.so
Listen 443
<VirtualHost *:443>
ServerName example.com
SSLEngine on
SSLCertificateFile "/etc/letsencrypt/live/example.com/cert.pem"
SSLCertificateKeyFile "/etc/letsencrypt/live/example.com/privkey.pem"
SSLCertificateChainFile "/etc/letsencrypt/live/example.com/chain.pem"
</VirtualHost>server {
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
}
FYI: The python implementation of "letsencrypt" is now "certbot" and the node.js implementation is now Greenlock for Web Servers and Greenlock for API Integrations