Topic: letsencrypt

[ElFroggio]

SME 9.1.

I'm currently using the SSL certificates management contrib with a rapidssl certificate which is due to expire early next year. I'm looking at let's encrypt https://wiki.contribs.org/Letsencrypt. I don't understand the "John Crisp contrib".

• Is this instead of the 1st section with dehydrated?
• Do I need to uninstall my current SSL certificates management contrib?
• I'm thinking of rolling it out during the XMas/New Year break. If I have any problem at that time, how to I roll back to my still valid rapidssl certificates?

Thanks

Syv

[DanB35]

The John Crisp contrib is self-contained--if you follow those instructions, you won't need to do any of the other steps in the how-to.  And his contrib has been working very well for me for several months.

[ElFroggio]

The John Crisp contrib is self-contained--if you follow those instructions, you won't need to do any of the other steps in the how-to.  And his contrib has been working very well for me for several months.

Thanks, excellent to know.

But the page doesn't mention if I need to remove the existing SSL certificates?


Thanks

Syv

[DanB35]

No, you don't need to remove your existing certificates.  The contrib will reconfigure the SME server to use the Let's Encrypt cert once it obtains it.  At that point, you can remove the old cert, but you don't need to.

[ElFroggio]

Thank you

[ReetP]

Sorry I missed all this

I hope it should update itself without issues but nothing in life is guaranteed !

Note the contrib remains with the same name... it just handles creating configs.

It should remove the letsencrypt.sh rpm and install the dehydrated rpm.

There may be residual dirs left e.g. /etc/letsencrpt.sh

If you have any issues you can always revert to the self signed certs by removing the modSSL keys and starting again. I think I mention this on the wiki page.

Please let me know if there are any issues. I can't guantee instant response but will get to it when I can.

B. Rgds
John