Differences

This shows you the differences between two versions of the page.

--- web_services:letsencrypt [2015/12/07 13:38]
tschulz [Getting Your first Certificate]
+++ web_services:letsencrypt [2015/12/07 13:54] (current)
tschulz
@@ Line 5: / Line 5: @@
   - The entire process is done through the command line/curses client on the server running the web server
   - On Ubuntu I had to install the certificates manually
+  - Currently you can only have 5 certs for every domain per 7 day window
 ===== Install LetsEncrypt client =====
@@ Line 21: / Line 22: @@
   - You will be asked for a email address and a domain name in the curses interface enter them and if all goes well you should get a certificate file.
   - If successful you will see four files (**cert.pem,chain.pem,fullchain.pem,privkey.pem**) in **/etc/letsencrypt/live/<FQDN>/**
+  - Consult the certificate file matrix below on how to use the certificate files.
+==== Certificate File Matrix ====
+^Apache HTTPS Directive^LetsEncrypt File^Description^
+|SSLCertificateKeyFile|privkey.pem|Private key for the certificate.|
+|SSLCertificateFile|cert.pem|Server certificate only.|
+|SSLCertificateChainFile|chain.pem|All certificates that need to be served by the browser excluding server certificate, i.e. root and intermediate certificates only.|
+|--|fullchain.pem|This is what nginx needs for ssl_certificate.|
+ --- //[[tschulz@sebeka.k12.mn.us|Thad Schulz]] 2015/12/07 13:54//

ISD 820 Knowledge Base