Version 1 (modified by Jamie McClelland, 5 years ago) (diff)


How to configure x509 on any MF/PL Server using letsencrypt

If the machine is a mosh

Edit the server's .pp file and add the following to the "m_mosh" class declaration:

  x509_method => "letsencrypt"

If the server is not a mosh, but is running apache


mf-certbot /etc/apache2/sites-enables/SITE.CONF

Complete the path above pointing to the web configuration file configured to respond to the domains you want certified.

If the server is not a mosh and is running nginx

Please patch mf-certbot to work for nginx. It should be trivial.

If the server not a mosh and is not running a web server




The letsecnrypt software will automatically update the certificates every 3 months

To do

Add a restart command to the post-certify hook of letsecnrypt?