Editing
Generating a LetsEncrypt certificate - both Linux and Windows
Jump to navigation
Jump to search
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
Installing SSL Certificate for Website on Linux & Windows -------------------------------------------------------- For Linux ------------- Connect to server Go to below path β’ cd /etc/nginx/sites-enabled Run below command there β’ certbot certonly - - nginx It will show you all websites hosted on that server and ask to enter numbers according to the server for which certificate need to install Note - if you want to list domains to be renewed/added and there are some which you want to leave out, use a space separated list of the site numbers If you keep that blank and hit enter, then it will renew the existing certificate and create new one for those website, which donβt have it If you want to install for specific website only, then type according number and hit enter, after you hit enter it will ask you to expand, so just type e and press enter Then it will give you two options, select there second option (renew and replace) and hit enter It will generate certificate, we can see the generated certificate at below path β’ cd /etc/letsencrypt/live For Windows -------------------- Login to server using RDP Note β Stop the "World Wide Web" service first Open command prompt as administrator Go to below path β’ cd c:/certbot Run below command β’ certbot certonly It will give you two options, select first option (Spin up temporary) Enter domain names and hit enter To convert crt and key to .pfx and generate certificate go to below path β’ C:/programfiles/Git/usr/bin Run below command to generate certificate with appropriate information (fullchain and key file locations and names) opensslβ pkcs12 -export -out *.pfx -inkey *.key -in *.crt For ex. - openssl pkcs12 -export -out "C:\certbot\archive\support.apoyar.net\support.apoyar.net.pfx" -inkey "C:\certbot\archive\support.apoyar.net\privkey1" -in "C:\Certbot\archive\support.apoyar.net\fullchain1.pem" Note β while executing above command for generating certificate we have to use quotation for file locations (ββ) Also we can rename the fullchain.pem file to fullchain.crt, and if we double click it, we can see certificate details Note- Start "World Wide Web" service first Go to IIS (Internet Information Services) - click on NEPTUNE β server certificates β import New window will open, browse the certificate path and select certificate β’ Check the box ( Allow certificate ) Go to default web β Bindings β https β edit And select the according certificate (support.apoyar.net) Click Ok Then click YES for all popups Note β Sometimes error might comes, so no need to worry... just click OK and continue Note β Default web is used to store settings/certificates
Summary:
Please note that all contributions to Apoyar Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Apoyar Wiki:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Navigation menu
Personal tools
Not logged in
Talk
Contributions
Create account
Log in
Namespaces
Page
Discussion
British English
Views
Read
Edit
View history
More
Search
Navigation
Main page
Apoyar Infrastructure
Active Directory
Recent changes
Random page
Upload file
Tools
What links here
Related changes
Special pages
Page information