Our Let's Encrypt plugin allows you to issue and manage Let's Encrypt certificates directly from the Snapt UI.
Step 1: Install the plugin: navigate to Setup>Modules & Plugins>Add Plugins>Misc>Lets Encrypt and click the install button.
Step 2: Once installed navigate to Setup>Let's Encrypt>Config. Here you will need to accept the terms and conditions, fill in your email address, 2
letter country code and state, then click "Save". This only needs to be filled in once.
Step 3: Navigate to Setup>Let's Encrypt>Certificates and Click on the "Domain" tab. Fill in the fully qualified domain name(FQDN) for the certificate you want to create and the type of verification.
- Provisioning a DNS record under
- Provisioning an HTTP resource under a well-known URI on
The verification will need you to add either a TXT record to your domain management or a file on your web server with a verification code that can be accessed by LetsEncrypt to verify that you own the domain.
Once you save you will be given details of the verification needed to activate certificate.
DNS TXT Verification
If you have chosen to use the DNS TXT verification you can go to your domain management and add a TXT entry with the name eg. _acme-challenge.adc.demo1.snapt.net with the verification in the value field
Once saved and propagated you can use dig from the terminal to see if you receive an answer
eg. dig -t txt _acme-challenge.adc.demo1.snapt.net
you should receive a response similar to this
;; ANSWER SECTION:
_acme-challenge.adc.demo1.snapt.net. 600 IN TXT "oYUahZTmiI51nOE4gNgZA5CMSVOiUavMEvuxw6i0-7c"
This will indicate that the verification code can be seen and verified.
A file path has to be added to the document root folder of your website for this verification. From the base folder create folders .well-known/acme-challenge with the file name specified above and add the value into that file.
To confirm that the file resource is accessible, try to navigate to that location from a browser, e.g http://adc.demo1.snapt.net/.well-known/acme-challenge/L1t9d2xoVHd3CGK-Zh5sZdW_GeaCXoYB2I3653hREEE
Step 5: Click on Verify Activation to complete the process and download certificates to be placed in Setup->SSL->SSL Certificates
If you need the certificate to be added to Snapt Balancer you download the PEM certificated, and with the Snapt Accelerator KEY & CRT will be needed.