科技回声

I have a Debian box (LAMP) with some legacy PHP sites where I want to put Lets Encrypt SSL. What is the most painful way of doing that without disturbing any site that's currently running on it ? Is there any tool or script which does most of the job so that I don't have to fiddle a lot with Apache/PHP config and risk to break something ? Thanks

<a href="https://caddyserver.com/" rel="nofollow">https://caddyserver.com/</a> - Caddy works pretty nicely, and you should be able to use it as a reverse proxy in front of apache.

Use this to get exact instructions for your setup:<a href="https://certbot.eff.org/" rel="nofollow">https://certbot.eff.org/</a>

Personally I use haproxy to forward all LE related requests to certbot in standalone mode.My email is in my profile if you want to try this and need some help.

You can use the certbot on your local machine and setup a txt record on the DNS of the domain.Let's Encrypt will verify ownership against that text entry.

Warning for anyone trying to add Lets Encrypt to GCP - absolute nightmare. Would not recommend.

kube-lego for kubernetes is just awesome!

<a href="https://caddyserver.com/" rel="nofollow">https://caddyserver.com/</a> - Caddy works pretty nicely, and you should be able to use it as a reverse proxy in front of apache.

Use this to get exact instructions for your setup:<a href="https://certbot.eff.org/" rel="nofollow">https://certbot.eff.org/</a>

Personally I use haproxy to forward all LE related requests to certbot in standalone mode.My email is in my profile if you want to try this and need some help.

You can use the certbot on your local machine and setup a txt record on the DNS of the domain.Let's Encrypt will verify ownership against that text entry.

Warning for anyone trying to add Lets Encrypt to GCP - absolute nightmare. Would not recommend.

kube-lego for kubernetes is just awesome!

Ask HN: Easiest and least painful way of adding Lets Encrypt?

6 条评论

Ask HN: Easiest and least painful way of adding Lets Encrypt?

6 条评论