I’m using some latest Amazon Machine Image ( AMI ) called LAMP Stack PHP 5.3 LTS, Actually i was using some old AMI that released in 2013 and the instance also created at that time. It was almost impossible for me to integrate certbot in it, so that i finally decided to migrate my codeignitor app into new instance that support php 5.3
Here also i struggled so much to integrate certbot but finally i did it by the following steps.
git clone https://github.com/certbot/certbot
chmod a+x certbot-auto
./certbot-auto certonly --webroot -w /var/www/html/ -d <domainName> --debug
sudo ln -s /etc/letsencrypt/live/<domainName>/fullchain.pem /jet/etc/apache//server.crt
sudo ln -s /etc/letsencrypt/live/<domainName>/privkey.pem /jet/etc/apache//server.key
- uncomment the following line of code in
nano extra/httpd-ssl.conf // uncomment and set the following things with newly created
key file paths
- restart service by using the following command
Auto-renew your SSL certificates.
You are all set now. But take a note, Let’s Encrypt’s certificates are only valid for 90 days. This is to encourage users to automate their certificate renewal process. You can setup a cron job which will run everyday at a particular time to renew certificates. Certificates are renewed only when they expire.
- To test the renewal process, you can do a dry run with
sudo /tmp/certbot/certbot-auto renew --dry-run
sudo crontab -e
- Then, add the following line to crontab:
12 3 * * * /tmp/certbot/certbot-auto
renew --post-hook "sudo /jet/enter restart
" >> /etc/letsencrypt/log/renew.log
This runs the renew everyday at 3:12 am. Remember that certs don’t get renewed unless they are near to expiration, and monthly/weekly cron job would cause your existing certs to occasionally be expired already before they get renewed.
You can contact me in case you need any help to setup the above things, I will providing premium support