Let's Encrypt tool for generating web server keys

cpm@ · Nov 6, 2015

Please, update your ports tree:

https://svnweb.freebsd.org/ports?view=revision&revision=400885
https://svnweb.freebsd.org/ports?view=revision&revision=400884

oleg_skat · Nov 6, 2015

cpm said:
Please, update your ports tree:

https://svnweb.freebsd.org/ports?view=revision&revision=400885
https://svnweb.freebsd.org/ports?view=revision&revision=400884

-----------------------------------------------------------------------------------
cpm, Thanks

From the GitHub http://letsencrypt.readthedocs.org/en/latest/using.html#installation version (./letsencrypt-auto) I have installed letsencrypt successfully on another FreeBSD 10.1 virtual machine. Without some warnings. Got 2 *.pem files, the key and the certificate. And moved them to the real server.
And now, got a next trouble:

Code:

Performing sanity check on nginx configuration:
nginx: [emerg] PEM_read_bio_X509_AUX("/usr/local/ssl/cacert.pem") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: configuration file /usr/local/etc/nginx/nginx.conf test failed.

The process has continuation (for my enjoy).

-------------------------------------------------------------------

About the new port:

The letsencrypt plugins to support Apache and Nginx certificate installation
will be made available soon in the following ports:

* Apache plugin: security/py-letsencrypt-apache
* Nginx plugin: security/py-letsencrypt-nginx

What does at mean? Can security/py-letsencrypt create and install certificates without plugins?

Besides ......

Code:

letsencrypt --server mydomain.com certonly
...................................................................
ImportError: Cannot open "/usr/local/lib/python2.7/site-packages/cryptography-1.1-py2.7-freebsd-9.3-RELEASE-p10-amd64.egg/cryptography/hazmat/bindings/_openssl.so"
File no exists

cpm@ · Nov 9, 2015

As you previously realised, the other ports have not landed yet into the ports tree. More work is needed before doing this

Please, see the current notes and status of the officially supported plugins ATM.
https://letsencrypt.readthedocs.org/en/latest/using.html#plugins

oleg_skat · Nov 9, 2015

Yes,
I have seen. But now I have to perform another task. I think, when the time will come to use https, I will return.
Apart from that, there is a lot of another possibilities for receive a certificate for free.
But we hope for a correctly written port, with a topical plugins and dependences...

cpm@ · Nov 9, 2015

oleg_skat said:
Yes,
I have seen. But now I have to perform another task. I think, when the time will come to use https, I will return.
Apart from that, there is a lot of another possibilities for receive a certificate for free.
But we hope for a correctly written port, with a topical plugins and dependences...

Sure, we will add more options to the security/py-letsencrypt port as soon as the available plugins work properly.

oleg_skat · Nov 10, 2015

All software require a time for debug. Our community waiting for that.

Jimlad · Nov 10, 2015

Just got my hostname white listed via the Lets Encrypt beta program. The certificate is on a jail running nginx as a reverse proxy on FreeBSD 10.2 on DO.

Jimlad · Nov 11, 2015

Here are a set of letsencrypt official python client installation scripts for multiple platforms, but most importantly...FreeBSD. I have not tested the FreeBSD script, but anyone struggling, might be worth a go. https://github.com/kennwhite/install-letsencrypt

cpm@ · Nov 24, 2015

A must read: http://savagedlight.me/2015/11/24/lets-encrypt-on-a-freebsd-nginx-reverse-proxy/

Thanks to Savagedlight

Let's Encrypt tool for generating web server keys

cpm@

Moderator

oleg_skat

cpm@

Moderator

oleg_skat

cpm@

Moderator

oleg_skat

Jimlad

Jimlad

cpm@

Moderator