Reputation: 4130
Generate a certificate with letsencrypt locally
I'm new to generating certificates and using letsencrypt, so I'm not sure if this is a dumb question or even possible.
I want to create a small example webapplication using node.js. And I want to test how to implement https, and how to get a proper certificate.
So I tried to use letsencrypt. But it doesn't seem to work.
I'm using my local machine (win10) and I'm cloning the git. Afterwards I try to execute the command ./letsencrypt-auto but windows won't recognize the script as a command.
How is it possible to use letsencrypt locally on my win10 machine, where no webserver (usually) is running.
Upvotes: 2
Views: 7051
Answers (3)
Reputation: 26709
Alternatively, you can use ngrok to expose your local port 80 and make it available to the world via the secure tunnel on subdomain.ngrok.io. There is also a possibility to pass that domain as a CNAME for your own domain name.
All you have to do is:
- Create free account with https://ngrok.com/ It works on all operating systems.
- Run
ngrok http 80and note yoursubdomain.ngrok.io - Add the above subdomain to your
/etc/hostsas127.0.0.1 subdomain.ngrok.io. This way you will be able to access that domain locally with SSL, while ngrok will make sure Let's Encrypt is able to access it via the Internet.
Edit: Note that this method might not work reliably. Let's encrypt has 20 certificates rate limit per registered domain. Which means up 20 certificates in total can be generated for all ngrok users per week.
Disclaimer: I have no affiliation with ngrok.io.
Upvotes: 1
Reputation: 1428
Alternatively you can look at - https://github.com/minio/concert built using golang, you can get a windows binary quite naturally.
Install
You need to have golang installed to compile concert.
$ go get -u github.com/minio/concert
How to run?
Generates certs in certs directory by default.
$ sudo concert gen <EMAIL> <DOMAIN>
Generate certificates in custom directory.
$ sudo concert gen --dir my-certs-dir <EMAIL> <DOMAIN>
Renew certificates in certs directory by default.
$ sudo concert renew <EMAIL>
Generate certificates in custom directory.
$ sudo concert renew --dir my-certs-dir <EMAIL>
Run a server with automatic renewal.
$ sudo concert server <EMAIL> <DOMAIN>
Upvotes: 1
Reputation: 44841
letsencrypt-auto only works with Apache on Debian-based OSes (for now). There's no way to use it on Windows, yet.
That said, people are trying. You might find this project interesting. (Disclaimer: I have no affiliation with that and haven't tried it myself.)
Upvotes: 1
Related Questions
- Resolving javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error?
- SSL certificate rejected trying to access GitHub over HTTPS behind firewall
- How can I make git accept a self signed certificate?
- Unable to resolve "unable to get local issuer certificate" using git on Windows with self-signed certificate
- Ignore invalid self-signed ssl certificate in node.js with https.request?
- Can I get Letsencrypt certificate for local development
- Automating LetsEncrypt Certificate Installation on shared server