EasyEngine and Let's Encrypt Free SSL Certificate


#1

Hello!

Does a typical EasyEngine installation play well with the new Let’s Encrypt Free SSL Certificate?

Link: http://thehackernews.com/2015/12/How-to-Install-Lets-Encrypt-SSL-Certificate.html


#2

As far as I understand, Let’s Encrypt SSL certs work just like any other paid SSL certs. If you are not facing any problems with common SSL cert, you will not face any problems with Let’s Encrypt. But if ~1 minute of downtime is acceptable for your website, I think it would be better to use --standalone option to obtain certificate to not let Let’s Encrypt touch your configs. Also Let’s Encrypt nginx plugin is still in beta, and you will not be able to install it with letsencrypt-auto at this moment.


#3

You can get a automated experience by using the --webroot method. Look at centminmod’s implementation of it.

It works well, I’ve tested it. Should be entirely possible with EE without need to use beta nginx plugins.


#4

EE has official documentation to get LE working with just a few commands:


#5

@GeorgeAppiah I have tried that method but it did not work I am getting Verify Error


#6

Likely a permission issue. What’s the EXACT error message you’re getting?


#7

Hello @rps11997

Please make sure your domain with www and without www is pointed to the server.


#8

I’m getting redirect loops, and I might be doing something wrong, but anybody else having this issue? It goes away when I turn SSL off. I’ve been unable to find the source of the redirect yet.

edit: I should mention that this is for a site I already had a SSL certificate on, and it worked fine. But using SSL with LetsEncrypt (set up via EE) caused the loop.

edit2: the only way I can make this work is to comment out force-ssl-example.com.conf file under /etc/nginx/conf.d/ and make sure to include listen 80; on the ssl.conf file under my site directory.


#9

Hello @THORR

Please try adding subs_filter in NGINX site conf and check if redirection loop still exist.

Steps:

  1. ee site edit example.com

  2. Add

subs_filter http://example.com https://example.com;

or

subs_filter http:// https://;

Also could you provide your site NGINX conf ? Use command :

ee site show example.com


#10