Install Let’s Encrypt

Install Git

apt-get install git

Install Certbot

cd /opt
git clone https://github.com/certbot/certbot

Stop Apache

service apache2 stop

Generate certificate

cd /opt/certbot/
./certbot-auto certonly --standalone --rsa-key-size 4096 -d domain.xx -d www.domain.xx

Certificates and key are now installed in /etc/letsencrypt/live/domain.xx

ls -al /etc/letsencrypt/live/domain.xx
  • cert.pem
  • chain.pem
  • fullchain.pem
  • privkey.pem

Add certificate to Apache webserver

vi /etc/apache2/sites-available/domain.xx.conf
    SSLEngine on
    # SSLCertificateFile /var/www/clients/client3/web8/ssl/domain.xx.crt
    # SSLCertificateKeyFile /var/www/clients/client3/web8/ssl/domain.xx.key
    SSLCertificateFile /etc/letsencrypt/live/domain.name/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/domain.name/privkey.pem

Redirect http to https

    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Start Apache

service apache2 start

Renew certificate

/opt/certbot/certbot-auto renew

Froxlor

Force Froxlor Let’s Encrypt cronjob

php /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug

See also