Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit.
It is a service provided by the Internet Security Research Group (ISRG). Let’s Encrypt integrates with InterWorx via a plugin, which allows users to generate free, secure, SSL certificates.
Requirements:
In order to generate a Let’s Encrypt SSL certificate, the following criteria must be met:
- Let’s Encrypt plugin must be enabled in NodeWorx
- Domain must be active and resolve to an IP on the server
Set Up:
To enable the Let’s Encrypt plugin in NodeWorx, follow these steps:
- In NodeWorx, under NodeWorx > Plugins, click the “Edit” button next to the Let’s Encrypt option
- Select “Enabled” from the drop down menu
- Click “Save”
Generate:
Here is how to generate an SSL certificate in SiteWorx using Let’s Encrypt:
- In SiteWorx, navigate to Hosting Features > Domains > SSL
- Click the “Generate All With Let’s Encrypt”button
- Choose domains the SSL certificate will apply to
- Click the “Generate” button
Troubleshooting:
Logging information for Let’s Encrypt can be found in the following locations:
- /var/log/letsencrypt/letsencrypt.logletsencrypt.log
- only records the most recent attempt at generating a certificate. While the log does rotate for each attempt, the individual logs only hold information on one attempt, each
- /var/log/letsencrypt/letsencrypt-renew.log
- Let’s Encrypt certificates renew automatically within 30 days of expiration. This is handled by the weekly cron
Common errors:
Error:
Let’s Encrypt only allows a certain amount of certificate generation attempts per server, per week. This includes when generating a certificate fails. Currently it is 20/week. Once that cap is hit, it does not allow any more attempts until that counter resets. For further information: https://letsencrypt.org/docs/rate-limits/
Error:
Let’s Encrypt certificates can only be generated for sites that resolve to IPs on the server. If the site is live, make sure that DNS is propagated.
