This tutorial logs the activities for installing and setup "letsencrypt" on FreeBSD 10.2.
pwd/root
git clone https://github.com/letsencrypt/letsencryptCloning into 'letsencrypt'... remote: Counting objects: 26576, done. remote: Compressing objects: 100% (9/9), done. remote: Total 26576 (delta 4), reused 0 (delta 0), pack-reused 26567 Receiving objects: 100% (26576/26576), 6.90 MiB | 1.06 MiB/s, done. Resolving deltas: 100% (18688/18688), done. Checking connectivity... done.
cd letsencrypt/ ./letsencrypt-auto --help allgrep: /etc/os-release: No such file or directory WARNING: FreeBSD support is very experimental at present... if you would like to work on improving it, please ensure you have backups and then run this script again with the --debug flag!
./letsencrypt-auto --help --debug allgrep: /etc/os-release: No such file or directory Bootstrapping dependencies for FreeBSD... + pkg install -Ay git python py27-virtualenv augeas libffi Updating FreeBSD repository catalogue... FreeBSD repository is up-to-date. All repositories are up-to-date. The following 3 package(s) will be affected (of 0 checked): New packages to be INSTALLED: python: 2.7_2,2 py27-virtualenv: 13.1.0 augeas: 1.4.0 The process will require 6 MiB more space. 3 MiB to be downloaded. Fetching python-2.7_2,2.txz: 100% 996 B 1.0kB/s 00:01 Fetching py27-virtualenv-13.1.0.txz: 100% 2 MiB 2.1MB/s 00:01 Fetching augeas-1.4.0.txz: 100% 575 KiB 588.3kB/s 00:01 Checking integrity... done (0 conflicting) [1/3] Installing python-2.7_2,2... [1/3] Extracting python-2.7_2,2: 100% [2/3] Installing py27-virtualenv-13.1.0... [2/3] Extracting py27-virtualenv-13.1.0: 100% [3/3] Installing augeas-1.4.0... [3/3] Extracting augeas-1.4.0: 100% Creating virtual environment... Updating letsencrypt and virtual environment dependencies...You are using pip version 7.1.0, however version 7.1.2 is available. You should consider upgrading via the 'pip install --upgrade pip' command. .You are using pip version 7.1.0, however version 7.1.2 is available. You should consider upgrading via the 'pip install --upgrade pip' command. ... Running with virtualenv: /root/.local/share/letsencrypt/bin/letsencrypt --help --debug all letsencrypt [SUBCOMMAND] [options] [-d domain] [-d domain] ... The Let's Encrypt agent can obtain and install HTTPS/TLS/SSL certificates. By default, it will attempt to use a webserver both for obtaining and installing the cert. Major SUBCOMMANDS are: (default) run Obtain & install a cert in your current webserver certonly Obtain cert, but do not install it (aka "auth") install Install a previously obtained cert in a server revoke Revoke a previously obtained certificate rollback Rollback server configuration changes made during install config_changes Show changes made to server config during installation plugins Display information about installed plugins Choice of server plugins for obtaining and installing cert: --apache Use the Apache plugin for authentication & installation --standalone Run a standalone webserver for authentication (nginx support is experimental, buggy, and not installed by default) --webroot Place files in a server's webroot folder for authentication OR use different plugins to obtain (authenticate) the cert and then install it: --authenticator standalone --installer apache More detailed help: -h, --help [topic] print this message, or detailed help on a topic; the available topics are: all, automation, paths, security, testing, or any of the subcommands or plugins (certonly, install, nginx, apache, standalone, webroot, etc)
The nginx virtual hosts file will be adjusted as follows
# all http traffic will be diverted to https: listen 80; server_name www.lf24.com; return 301 https://www.lf24.com; } server { listen 443 ; server_name www.lf24.com; access_log .... error_log .... root /usr/local/www/.... index index.php; ssl_certificate /etc/letsencrypt/live/www.lf24.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.lf24.com/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/www.lf24.com/fullchain.pem; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m;Published: May 19, 2019
The information on this page is user generated content. The content does not claim to be complete or correct.
Everybody is invited to add or change the data. Just click on this link. No login or email is required. Thanks.