Let's Encrypt - Guide

Our Let's Encrypt plugin allows you to issue and manage Let's Encrypt certificates directly from the Snapt UI.

 

Step 1: Install the plugin: navigate to Setup>Modules & Plugins>Add Plugins>Misc>Lets Encrypt and click the install button.

Step 2: Once installed navigate to Setup>Let's Encrypt>Config. Here you will need to accept the terms and conditions, fill in your email address, 2

letter country code and state, then click "Save". This only needs to be filled in once.

activate.png

 

Step 3: Navigate to Setup>Let's Encrypt>Certificates and Click on the "Domain" tab. Fill in the fully qualified domain name(FQDN) for the certificate you want to create and the type of verification.

  • Provisioning a DNS record under example.com, or
  • Provisioning an HTTP resource under a well-known URI on https://example.com/

The verification will need you to add either a TXT record to your domain management or a file on your web server with a verification code that can be accessed by LetsEncrypt to verify that you own the domain.

click "Save".

Screen_Shot_2017-11-20_at_9.39.50_AM.png

Step 4

Once you save you will be given details of the verification needed to activate certificate.

DNS TXT Verification

Screen_Shot_2017-11-20_at_9_49_37_AM.png

If you have chosen to use the DNS TXT verification you can go to your domain management and add a TXT entry with the name eg. _acme-challenge.adc.demo1.snapt.net with the verification in the value field

Once saved and propagated you can use dig from the terminal to see if you receive an answer

eg. dig -t txt _acme-challenge.adc.demo1.snapt.net

you should receive a response similar to this

;; ANSWER SECTION:

_acme-challenge.adc.demo1.snapt.net. 600 IN TXT "oYUahZTmiI51nOE4gNgZA5CMSVOiUavMEvuxw6i0-7c" 

This will indicate that the verification code can be seen and verified.

HTTP Verification

Screen_Shot_2017-11-20_at_9_51_08_AM.png

A file path has to be added to the document root folder of your website for this verification. From the base folder create folders .well-known/acme-challenge with the file name specified above and add the value into that file.

To confirm that the file resource is accessible, try to navigate to that location from a browser, e.g http://adc.demo1.snapt.net/.well-known/acme-challenge/L1t9d2xoVHd3CGK-Zh5sZdW_GeaCXoYB2I3653hREEE

Step 5: Click on Verify Activation to complete the process and download certificates to be placed in Setup->SSL->SSL Certificates

Screen_Shot_2017-11-20_at_10.51.53_AM.png

If you need the certificate to be added to Snapt Balancer you download the PEM certificated, and with the Snapt Accelerator KEY & CRT will be needed.

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.