CODEWITHSUNDEEP
apachessllets-encrypt
Zdenek Machek
Zdenek Machek

Reputation: 1744

Let's Encrypt configuration on Apache

When I run

./letsencrypt-auto

I can choose my domains, but in the next step it fails on 

IMPORTANT NOTES:
- The following 'urn:acme:error:connection' errors were reported by
the server:

Domains: xx.co.uk
Error: The server could not connect to the client for DV

Does apache needs to be listening on port 443 already or what else could be a problem?

Upvotes: 1

Views: 1882

Answers (2)

Zdenek Machek
Zdenek Machek

Reputation: 1744

Here is an answer.

Yes Apache needs to be listening on 443. Easiest way is to make you domain working with self signed SSL certificate.

Then run

./letsencrypt-auto --apache

And Let's Encrypt does all for you. Amazing!

Upvotes: 0

Daniel Convissor
Daniel Convissor

Reputation: 323

I just started using Let's Encrypt. My server runs Apache 2.2 on Ubuntu 12.04. I found it much easier to use Let's Encrypt certonly --webroot mode. Here's an example:

./letsencrypt-auto certonly --webroot \
  --renew-by-default --agree-tos \
  --email [email protected] \
  -w /var/www/www.analysisandsolutions.com/public_html \
  -d www.analysisandsolutions.com -d analysisandsolutions.com

Then I edited the relevant virtual host file in sites-available to contain:

SSLCertificateFile /etc/letsencrypt/live/www.analysisandsolutions.com/cert.pem
SSLCertificateChainFile /etc/letsencrypt/live/www.analysisandsolutions.com/chain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.analysisandsolutions.com/privkey.pem

Finally call service apache2 reload

I also use the resulting certificate for Postfix SMTP and Dovecot IMAP connections.

I made a shell script to simplify the process. More details about all of this can be found on my blog.

Upvotes: 3

Related Questions