Permanent free SSL Security Certificate Letsencrypt installation usage method

SSL Security certificate (in short is to support https://) is the site, especially the business site must be, we buy a VPS also must avoid those who do not have SSL security certificate merchants. Letsencrypt at the beginning of the emergence of a lot of attention, this claim of permanent free SSL certificate, for less than 2 dollars/year, more than hundreds of dollars of commercial products is not a small impact, although the front also has STARTSSL and other free precedents, But Letsencrypt because of Mozilla, Cisco's participation and let people have a lot of goodwill. Recently, Letsencrypt finally appeared in the public beta (no longer need to apply for the beta), the Micro Demon today by the way to share the installation and use of the tutorial.

Letsencrypt installation, use tutorial

Before installing, the system needs to install Python (more than 2.7) and git, the related installation tutorial please search yourself, most of the cases using the system with the Yum or Apt-get command, Redhat or CentOS 6 may need to configure Epel software source

git clone https://github.com/letsencrypt/letsencrypt
CD Letsencrypt
./letsencrypt-auto certonly--standalone--email admin@thing.com-d thing.com-d www.thing.com
Replace the above mailbox and domain name with your own

If you see the following information, it shows that everything is OK

IMPORTANT NOTES:
-congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/xxx.com/fullchain.pem. Your cert would
Expire on 2016-03-05. To obtain a new version of the certificate in
The future, simply run let ' s Encrypt again.
-If like let's Encrypt, please consider supporting we work by:

Donating to Isrg/let ' s encrypt:https://letsencrypt.org/donate
Donating to Eff:https://eff.org/donate-le
Note: The above command, the DNS domain name needs to point to your VPS, another email is best not to use the domestic domain name mailbox, measured dnspod+ NetEase Enterprise mailbox will lead to the server experienced an internal error:: Error Creating new registration error, have netizen feedback using domestic DNS domain name will have such a mistake.

Run the last command will appear in the Blue Command box, the consent agreement (only for the first time), the end will be in the "/etc/letsencrypt/live/Domain name/" directory to generate the following files, refer to their own server software to select the corresponding file load, such as Apache on the election 1-3 ; Nginx Choose 1+4:

1. PRIVKEY.PEM: The key file for the security certificate (that is, the ssl_certificate_key of Sslcertificatekeyfile and Nginx in Apache);
2. Cert.pem:Apache Server-side certificate (Apache sslcertificatefile);
3. Chain.pem:Apache root certificate and relay certificate (Apache Sslcertificatechainfile);
4.  Fullchain.pem: All certificates (Nginx required for Ssl_ Certificate
Letsencrypt is permanently free, but is currently updated every 3 months and can be performed in conjunction with the crontab Command (tutorial), with the same command as "./letsencrypt-auto certonly– Standalone–email admin@thing.com-d thing.com-d www.thing.com "