[Request] Lets encrypt Certificate manager Module.

[andykimpe]

not bad tom but it's only for ubuntu

those who are on centos that I find more stable for me

could not install it would be better to make a multisystem version

by applying the same commands as that of the doc

then there would just have to add the apache config

in your place I would not change the original apache configuration

nor even use the modules provided by the system

I would simply install like this for my part

Code:

exec("git clone https://github.com/letsencrypt/letsencrypt /usr/local/letsencrypt");
exec("ln -s /usr/local/letsencrypt/letsencrypt-auto /usr/local/bin/letsencrypt-auto");

once it's small order run

it only remains to call letsencrypt-auto

with exec and modify the apache config

for whom the generator as indicate in the doc

Code:

SSLEngine on

SSLProtocol ALL -SSLv2 -SSLv3

SSLHonorCipherOrder On

SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS

SSLCertificateFile /etc/letsencrypt/live/domain.com/cert.pem

SSLCertificateKeyFile /etc/letsencrypt/live/domain.com/privkey.pem

SSLCertificateChainFile /etc/letsencrypt/live/domain.com/chain.pem

# Keeping bellow for future upgrades.

# Requires Apache >= 2.4

SSLCompression off

I do not remember the parameters but there is an option

to launch letsencrypt-auto in silent mode

without any user interaction

advantage also letsencrypt-auto works just as well to create the certificate
than to renew it

the order and totally identical

edit I find the command to run it silently eg

Code:

letsencrypt-auto certonly --standalone -d domain.com -n --agree-tos -m contact@sentora.org