Here are a few letsencrypt commands that I’ve found useful in the past few months of trying it out.
git clone https://github.com/letsencrypt/letsencrypt cd letsencrypt
Note: for a few Debian installations, you can also install with:
apt-get install letsencrypt python-letsencrypt-apache
Other OS’s are also supported. See https://letsencrypt.readthedocs.org/en/latest/using.html#operating-system-packages for details!
Generating new keys on Apache:
./letsencrypt-auto run --apache -d domain1 -d domain2 -d domain3
Loading pre-generated keys from a backup into a new installation:
#Need to have backed up /etc/letsencrypt/ to some # backup location. This will grab private keys, # public certs, symlinks to them, everything. # More help at https://letsencrypt.readthedocs.org/en/latest/using.html#where-are-my-certificates # #Simply running the command, even to load help, # will bootstrap dependency installations and set # up the Python scripts if they haven't been set up # already. ./letsencrypt-auto --help all cp -R /path/to/backup/letsencrypt/* /etc/letsencrypt/ ./letsencrypt-auto --install -d -d -d --cert-path /etc/letsencrypt/live/domain1/cert.pem --key-path /etc/letsencrypt/live/domain1/privkey.pem --fullchain-path /etc/letsencrypt/live/domain1/fullchain.pem
Renewing the keys (keeping them the same, but extending the expiration date another 90 days):
#Special bash scripts intended for datestamp # checking to refrain from renewing certs # younger than 60 days old are no longer # needed in LE version 0.4. Simply run the # following: ./letsencrypt-auto renew