Generate Letsencrypt Certificate CENTOS 5

problems that are often encountered when generate ssl certificate from letsencrypt  is openssl is too old, so it failed

then discovered the latest technology and how it can be used for CentOS 5 and the new.
the simple way with little jutsu "sed, perl, and openssl"
lets begin \ ('') /

setep 1: clone repo letsencrypt.sh

git clone https://github.com/lukas2511/letsencrypt.sh

and change dir

cd letsencrypt.sh

step 2:  create a virtual folder for verification of acme server (on a domain server that would be made ssl) httpd user like this

Alias /.well-known/acme-challenge /var/www/letsencrypt

<Directory /var/www/letsencrypt/>

</Directory>

 

/var/www or /var/www/html , whatever, adjust to your DocumentRoot




restart httpd  & test
service httpd restart

http://yourdomain.com/.well-known/acme-challenge/

step 3:  create file config.sh like this

WELLKNOWN="/var/www/letsencrypt"

step 4:  create file domains.txt and put your domain in here

yourdomain.com

use space for multiple domain names

yourdomain.com blog.yourdomain.com 

 remember response 200 to
http://yourdomain.com/.well-known/acme-challenge/
http://blog.yourdomain.com/.well-known/acme-challenge/
 
step 5:  GENERATE !!!!

./letsencrypt.sh --config config.sh --cron

step 6:  check certificate, & copy

ls certs/domain.com

cp -r certs /etc/pki

step 7:  enable in ssl.conf

SSLCertificateFile /etc/pki/certs/domain.com/fullchain.pem
SSLCertificateKeyFile /etc/pki/certs/domain.com/privkey.pem
SSLCertificateChainFile /etc/pki/certs/domain.com/chain.pe

step 8:  crontab every day
@daily /etc/pki/letsencrypt.sh --config /etc/pki/config.sh --cron > /var/log/letsencrypt/renew.log

TIPS OF THE DAY!!!

copy all files like
letsencrypt.sh domains.txt config.sh to /etc/pki/

for a better future

source