How to use our proxy for HTTPS / SSL traffic over IPv4 Using Lets Encrypt Print

  • 0

Using Lets Encrypt:

To use lets encrypt you must have a propagated A record pointing to a valid domain on the proxy server please complete the steps outlined here first.

This tool assumes that you are running apache2 with a default webroot of /var/www/html without any web servers configured. If this does not apply to you please run certbot certonly and follow the onscreen instructions then refer to this article to add your SSL to the proxy.

you will first need to install certbot:

Centos:

yum install certbot

Debian/Ubuntu:

apt install certbot

Run the following command the email address is used for SSL Certificate reminders:

natvps-proxy-ssl-letsencrypt natvps.exampledomain.com webmaster@exampledomain.com

you will see the following output. Please read this carefully: 
IMPORTANT: This will fail if you have not used the natvps-proxy command to add your domain to the proxy service and/or you have not added an A record for your domain.
If you have not completed any of the above actions please press CTRL+C now otherwise press enter

If DNS is setup and you have already added your domain to the proxy hit enter. You should see the following output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for natvps.exampledomain.com
Using the webroot path /var/www/html for all unmatched domains.
Waiting for verification...
Cleaning up challenges

IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/natvps.exampledomain.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/natvps.exampledomain.com/privkey.pem
Your cert will expire on 2022-03-04. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew *all* of your certificates, run
"certbot renew"
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
- If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

[INFO] Adding Cert
[INFO] Cert added succesfully!
Congratulations! Your certificate was added successfully.

 

you may now access your site at https://yourdomain.com

You should run natvps-proxy-ssl-letsencrypt natvps.exampledomain.com webmaster@exampledomain.com on a cron daily to make sure your SSL certificate is auto renewed. 

 

 


Was this answer helpful?

« Back