Let ' s Encrypt trial use tutorial

Source: Internet
Author: User
Tags free ssl git clone letsencrypt

I heard that let's encrypt has already started public beta, so immediately began to try. Let's Encrypt is a new digital certification authority that automates the process of eliminating the complexity of creating and installing certificates, and provides free SSL/TLS certificates for websites.

The following is the process of using Let's Encrypt:

Get the client and execute


--note that the Python version requires >=2.7
git clone https://github.com/letsencrypt/letsencrypt
CD Letsencrypt
./letsencrypt-auto--agree-dev-preview--server https://acme-v01.api.letsencrypt.org/directory Auth
First, choose the authentication method

After installing some dependent packages, let ' s Encrypt will pop up the TUI interface to select the authentication method: manual or standalone. Here for the sake of convenience, choose independent certification.

Second, then enter the email address

Third, consent to the license agreement

Iv. Enter the domain name

Here, enter hdj.me and www.hdj.me, with multiple domain names separated by commas or spaces.
You can also select a command line mode:


./letsencrypt-auto certonly-a Manual--debug-d www.hdj.me
V. Completion

When you see the following message, the authentication has completed successfully:

–congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/linuxtoy.org/fullchain.pem. Your cert would
Expire on 2016-01-25. To obtain a new version of the certificate in
The future, simply run let ' s Encrypt again.
Let ' s Encrypt the Certified information in the/etc/letsencrypt directory.

Then, in the NGINX configuration file, the following two lines are set to the actual path to let's Encrypt:


SSL_CERTIFICATE/ETC/LETSENCRYPT/LIVE/WWW.HDJ.ME/FULLCHAIN.PEM;
SSL_CERTIFICATE_KEY/ETC/LETSENCRYPT/LIVE/WWW.HDJ.ME/PRIVKEY.PEM;
Previous preview Picture:


It is noteworthy that:
Currently let's Encrypt certificate is valid for 90 days, then need to manually renew. In addition, there is a frequency limit when requesting certificate authentication. In general, the certification process is very easy, but also free, so the need for this friend may wish to try.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.