Lets-Encrypt Certificate

Revision as of 08:05, 16 May 2022 by Dpaine (talk | contribs) (Created page with "== Install a free lets-encrypt certificate with win-acme == *Got the instructions [https://www.snel.com/support/install-lets-encrypt-with-apache-on-windows-server-2019/ on th...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Install a free lets-encrypt certificate with win-acme

  • Got the instructions on this page with a couple minor changes. This page has screenshots also.

When I tried this the second time I got an error because I had mis-spelled the domain. I tried to start over and got an error about the http listener already in use. I rebooted and tried again - this worked.

Step 1: Log in with RDP into Windows Server 2019
Step 2: Download Let’s Encrypt client. Visit the website of Win-acme to download the latest version. Get the x64 pluggable archive. Extract the downloaded zip to C:\win-acme.
Step 3: Create a batch file with the following command and save it to C:\win-acme\Scripts\RestartApache.bat net stop "Apache2.4" & sc start "Apache2.4"
Step 4: In an elevated command prompt CD into the C:\win-acme folder and start wacs.exe.
Step 5: Issue certificate

  • Choose Create certificate with full options - Enter M in the command prompt and enter
  • When prompted for how the domain names will be included, Choose manual input - for me it was 2 - and enter
  • Enter the domain name you want for the certificate suan-alpha.analytica.com and enter
  • When prompted for a friendly name either enter one or leave it blank and then enter
  • When prompted how you want to verify you are the owner of the domain, enter the number for Save files on local or network path
  • It should then prompt for the root of the site - enter C:\Apache24\htdocs
  • When prompted to Copy default web config? enter N no
  • When prompted for type of private key - enter the option for RSA
  • When prompted how you would like to store the certificate enter the option for PEM encoded files (Apache, nginx, etc.)
  • Next at the prompt for where the certificates are stored enter C:\Apache24\conf
  • When prompted to store the certificate in another way too? enter the number for No additional store steps.
  • When prompted for more steps to update your application, enter the number for Start external script or program
  • It will ask for the path to the program, enter C:\win-acme\Scripts\RestartApache.bat
  • Next it prompt you enter the parameter format string for the script - enter {StoreType} {StorePath} {RenewalId}
  • Next when it asks Add another installation step? enter the number for No.
  • Next the path to the terms of service is shown, do you want to open in the default application? Choose nunless you want to see it
  • Do you agree with the terms? Select yes
  • Next it will ask for an email address for notifications - enter one
  • Do you want to specify the user the task will run as? enter yes
  • Enter the user - I entered my username
  • Then enter the user's password
  • You should be done, Quit.
Comments


You are not allowed to post comments.