Let's Encrypt manual vs ee install


#1

During my ee install with --letsencrypt the install failed due in incorrect dns records. After correcting the dns records I installed letsencrypt manually using certbot. I also followed the tutorial for Weak Diffie Hellman Logjam Attack Fix. I do have https working on my domain now.

However, the nginx configuration for my domain now has entries from certbot in addition to the manual changes I made for Diffie Hellman. When I used the ee site info command it shows that SSL is disabled.

My question is can I now run ee site update --letsencrypt so that ee knows about https and the current certificates or will this break my current setup?


#2

@AntoniosHadji Remove any ssl related configuration you made in nginx. and run ee site update --letsencrypt=on

====== If you couldn’t point “www” domain to same server, do following steps.

  1. Run /opt/letsencrypt/certbot-auto --webroot --webroot-path=/var/www/html -d example.com

  2. ee site update example.com --letsencrypt=on

this will give a prompt from LE, from there choose the option, “Keep the existing certificates”

and it will generate necessary nginx conf files based on the manually generated LE certificates :wink: .

The above steps can be used for renewal also :slight_smile:


Let's Encyrpt auto renewal keeps failing
#3

That worked perfectly. Thank you.


#4