Knowledgebase

Install Let's Encrypt SSL on One-Click WordPress Print

  • 0

Introduction

Let’s Encrypt is an automated, open certificate authority that offers free TLS/SSL certificates for the public’s benefit. The service is provided by the Internet Security Research Group (ISRG). This tutorial shows how to install a Let's Encrypt SSL certificate on the One-Click WordPress app using the certbot installation wizard. After completing this tutorial, the WordPress site will have a valid certificate and the nginx webserver will redirect all HTTP requests to HTTPS.

Prerequisites

This tutorial assumes that you have already deployed a One-Click WordPress app, have a domain name pointing to your server IP address, and you are logged in as root.

1. Install Certificate

SSH to the server as root and run certbot. Here's an example:

# certbot --nginx --redirect -d example.com -d www.example.com -m admin@example.com --agree-tos

This command explained:

  • --nginx
    • Use the nginx web server
  • --redirect
    • Redirect all HTTP requests to HTTPS.
  • -d example.com -d www.example.com
    • Install a multiple domain (SAN) certificate. You may use up to 100 -d domain entries.
  • -m admin@example.com
    • The notification email address for this certificate.
  • --agree-tos
    • Agree to the terms of service.

Use certbot --help for more information. See the Certbot FAQ for more information about SAN certificates.

2. Verify Automatic Renewal

Let's Encrypt certificates are valid for 90 days. The certbot wizard updates the systemd timers and crontab to automatically renew your certificate.

  1. Verify the timer is active.

     # systemctl list-timers | grep 'certbot\|ACTIVATES'
  2. Verify the crontab entry exists.

     # ls -l /etc/cron.d/certbot
  3. Verify the renewal process works with a dry run.

     # certbot renew --dry-run

Older One-Click WordPress Deployments

If you have an older version of One-Click WordPress, you may need to install certbot. To download and install the certbot package:

# sudo add-apt-repository ppa:certbot/certbot 
# sudo apt-get update  
# sudo apt-get install python-certbot-nginx
Introduction Let’s Encrypt is an automated, open certificate authority that offers free TLS/SSL certificates for the public’s benefit. The service is provided by the Internet Security Research Group (ISRG). This tutorial shows how to install a Let's Encrypt SSL certificate on the One-Click WordPress app using the certbot installation wizard. After completing this tutorial, the WordPress site will have a valid certificate and the nginx webserver will redirect all HTTP requests to HTTPS. Prerequisites This tutorial assumes that you have already deployed a One-Click WordPress app, have a domain name pointing to your server IP address, and you are logged in as root. 1. Install Certificate SSH to the server as root and run certbot. Here's an example: # certbot --nginx --redirect -d example.com -d www.example.com -m admin@example.com --agree-tos This command explained: --nginx Use the nginx web server --redirect Redirect all HTTP requests to HTTPS. -d example.com -d www.example.com Install a multiple domain (SAN) certificate. You may use up to 100 -d domain entries. -m admin@example.com The notification email address for this certificate. --agree-tos Agree to the terms of service. Use certbot --help for more information. See the Certbot FAQ for more information about SAN certificates. 2. Verify Automatic Renewal Let's Encrypt certificates are valid for 90 days. The certbot wizard updates the systemd timers and crontab to automatically renew your certificate. Verify the timer is active. # systemctl list-timers | grep 'certbot\|ACTIVATES' Verify the crontab entry exists. # ls -l /etc/cron.d/certbot Verify the renewal process works with a dry run. # certbot renew --dry-run Older One-Click WordPress Deployments If you have an older version of One-Click WordPress, you may need to install certbot. To download and install the certbot package: # sudo add-apt-repository ppa:certbot/certbot # sudo apt-get update # sudo apt-get install python-certbot-nginx

Was this answer helpful?
Back

Powered by WHMCompleteSolution