Step 1: Install Git
Check the git command, if command not found, you must install git first:
[root@tutorialspots ~]# git -bash: git: command not found
Read: How to install Git on Centos Linux
Step 2: install ca-certificates and python pip
How to install ca-certificates package on Centos 5.x
How to install package python-pip on Centos
How to install python pip on Linux
Step 3: Installing Client Software
Step 3.1:
git clone https://github.com/letsencrypt/letsencrypt
Result:
[root@tutorialspots ~]# git clone https://github.com/letsencrypt/letsencrypt Cloning into 'letsencrypt'... remote: Counting objects: 34957, done. remote: Compressing objects: 100% (93/93), done. remote: Total 34957 (delta 46), reused 0 (delta 0), pack-reused 34864 Receiving objects: 100% (34957/34957), 9.39 MiB | 8.81 MiB/s, done. Resolving deltas: 100% (24827/24827), done. Checking connectivity... done.
Step 3.2:
cd letsencrypt
Step 3.3
./letsencrypt-auto --help
Result:
[root@tutorialspots letsencrypt]# ./letsencrypt-auto --help
Bootstrapping dependencies for RedHat-based OSes...
yum is /usr/bin/yum
Loaded plugins: fastestmirror, protectbase, replace
Loading mirror speeds from cached hostfile
* addons: mirror.netdepot.com
* base: centos.mirror.constant.com
* epel: mirror.symnds.com
* extras: mirror.vcu.edu
* rpmforge: mirror.rit.edu
* updates: mirrors.tripadvisor.com
0 packages excluded due to repository protections
Setting up Install Process
Package python-2.4.3-56.el5.i386 already installed and latest version
Package python-devel-2.4.3-56.el5.i386 already installed and latest version
Package python-tools-2.4.3-56.el5.i386 already installed and latest version
No package python-pip available.
Resolving Dependencies
--> Running transaction check
---> Package python-virtualenv.noarch 1:1.7.2-2.el5 set to be updated
--> Processing Dependency: python-setuptools for package: python-virtualenv
--> Running transaction check
---> Package python-setuptools.noarch 0:0.6.14-3.el5 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
python-virtualenv noarch 1:1.7.2-2.el5 epel 1.1 M
Installing for dependencies:
python-setuptools noarch 0.6.14-3.el5 flexbox 424 k
Transaction Summary
================================================================================
Install 2 Package(s)
Upgrade 0 Package(s)
Total download size: 1.5 M
Downloading Packages:
(1/2): python-setuptools-0.6.14-3.el5.noarch.rpm | 424 kB 00:00
(2/2): python-virtualenv-1.7.2-2.el5.noarch.rpm | 1.1 MB 00:00
--------------------------------------------------------------------------------
Total 1.9 MB/s | 1.5 MB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : python-setuptools 1/2
Installing : python-virtualenv 2/2
Installed:
python-virtualenv.noarch 1:1.7.2-2.el5
Dependency Installed:
python-setuptools.noarch 0:0.6.14-3.el5
Complete!
Loaded plugins: fastestmirror, protectbase, replace
Loading mirror speeds from cached hostfile
* addons: mirror.netdepot.com
* base: centos.mirror.constant.com
* epel: mirror.symnds.com
* extras: mirror.vcu.edu
* rpmforge: repoforge.spinellicreations.com
* updates: mirrors.tripadvisor.com
0 packages excluded due to repository protections
Setting up Install Process
Package gcc-4.1.2-55.el5.i386 already installed and latest version
Package dialog-1.0.20051107-1.2.2.i386 already installed and latest version
Package openssl-0.9.8e-39.el5_11.i686 already installed and latest version
Package openssl-devel-0.9.8e-39.el5_11.i386 already installed and latest version
Package redhat-rpm-config-8.0.45-32.el5.centos.noarch already installed and late
st version
Resolving Dependencies
--> Running transaction check
---> Package augeas-libs.i386 0:1.2.0-1.el5 set to be updated
---> Package libffi-devel.i386 0:3.0.9-1.el5.rf set to be updated
--> Processing Dependency: libffi = 3.0.9-1.el5.rf for package: libffi-devel
--> Running transaction check
---> Package libffi.i386 0:3.0.9-1.el5.rf set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
augeas-libs i386 1.2.0-1.el5 epel 360 k
Updating:
libffi-devel i386 3.0.9-1.el5.rf rpmforge 16 k
Updating for dependencies:
libffi i386 3.0.9-1.el5.rf rpmforge 87 k
Transaction Summary
================================================================================
Install 1 Package(s)
Upgrade 2 Package(s)
Total download size: 463 k
Downloading Packages:
(1/3): libffi-devel-3.0.9-1.el5.rf.i386.rpm | 16 kB 00:00
(2/3): libffi-3.0.9-1.el5.rf.i386.rpm | 87 kB 00:00
(3/3): augeas-libs-1.2.0-1.el5.i386.rpm | 360 kB 00:00
--------------------------------------------------------------------------------
Total 1.3 MB/s | 463 kB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : libffi 1/5
Updating : libffi-devel 2/5
Installing : augeas-libs 3/5
Cleanup : libffi 4/5
Cleanup : libffi-devel 5/5
Installed:
augeas-libs.i386 0:1.2.0-1.el5
Updated:
libffi-devel.i386 0:3.0.9-1.el5.rf
Dependency Updated:
libffi.i386 0:3.0.9-1.el5.rf
Complete!
Loaded plugins: fastestmirror, protectbase, replace
Loading mirror speeds from cached hostfile
* addons: mirror.netdepot.com
* base: centos.mirror.constant.com
* epel: mirror.symnds.com
* extras: mirror.vcu.edu
* rpmforge: mirror.rit.edu
* updates: mirrors.tripadvisor.com
0 packages excluded due to repository protections
Setting up Install Process
Package 1:mod_ssl-2.2.27-2.i386 already installed and latest version
Nothing to do
Checking for new version...
Creating virtual environment...
Installing Python packages...
Installation succeeded.
Requesting root privileges to run letsencrypt...
/root/.local/share/letsencrypt/bin/letsencrypt --help
letsencrypt-auto [SUBCOMMAND] [options] [-d domain] [-d domain] ...
The Let's Encrypt agent can obtain and install HTTPS/TLS/SSL certificates. By
default, it will attempt to use a webserver both for obtaining and installing
the cert. Major SUBCOMMANDS are:
(default) run Obtain & install a cert in your current webserver
certonly Obtain cert, but do not install it (aka "auth")
install Install a previously obtained cert in a server
renew Renew previously obtained certs that are near expiry
revoke Revoke a previously obtained certificate
rollback Rollback server configuration changes made during install
config_changes Show changes made to server config during installation
plugins Display information about installed plugins
Choice of server plugins for obtaining and installing cert:
--apache Use the Apache plugin for authentication & installation
--standalone Run a standalone webserver for authentication
(nginx support is experimental, buggy, and not installed by default)
--webroot Place files in a server's webroot folder for authentication
OR use different plugins to obtain (authenticate) the cert and then install it:
--authenticator standalone --installer apache
More detailed help:
-h, --help [topic] print this message, or detailed help on a topic;
the available topics are:
all, automation, paths, security, testing, or any of the subcommands or
plugins (certonly, install, nginx, apache, standalone, webroot, etc)
Now, we can use letsencrypt command
Step 4: Use The Client
If you’re using Apache:
/root/.local/share/letsencrypt/bin/letsencrypt --apache
or
/root/letsencrypt/letsencrypt-auto --apache --verbose
Result:
Which names would you like to activate HTTPS for?
Select your domain you want to install Let’s encrypt certificate, then press Enter.
Enter email address (used for urgent notices and lost key recovery):
Then, press Enter.
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf. You
must agree in order to register with the ACME server at
https://acme-v01.api.letsencrypt.org/directory
IMPORTANT NOTES: - If you lose your account credentials, you can recover through e-mails sent to tutorialspots.com@gmail.com. - Your account credentials have been saved in your Let's Encrypt configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Let's Encrypt so making regular backups of this folder is ideal.
If you’re using the “webroot” plugin:
letsencrypt certonly --webroot -w /var/www/tutorialspots -d tutorialspots.com -d www.tutorialspots.com -w /var/www/thing -d thing.is -d m.thing.is
If you’reusing a built-in “standalone” webserver:
letsencrypt certonly --standalone -d tutorialspots.com -d www.tutorialspots.com
Next: How to use SSL certificate free of Let’s Encrypt on Linux – part 2
