How to use letsencrypt to enable https on debian jessie

Today I want to document how I enabled https on a website on a server run by debian jessie using the letsencrypt project.

The first step is, obviously, to install the letsencrypt package. Obviously enough a search for the package (i.e. apt-cache search letsencrypt) shows that this package is not available in the debian jessie distribution. But thanks to the official Debian Backports project, we can get package anyway.  Just follow the instructions on the website and then a simple command (apt-get -t jessie-backports install letsencrypt) installs our beloved letsencrypt package.

If you are using apache like me, you should also install the apache plugin for letsencrypt (apt-get -t jessie-backports install python-letsencrypt-apache) and the libaugeas0 (apt-get install libaugeas0) library.

After this, changing your http website to https is easily done via: letsencrypt –apache -d subdomain.example.net . This command asks you some questions and after that, voila, everything is done. No need for any additional configuration.

More information how to use the letsencrypt client or how to install it on other systems can be found in this PDF documentation.

Beware: I don’t know if the renewal of the certificates is now done automatically. If they expire and I have to renew them, I will update this article how to do this.

P.S.: If you are using owncloud and you are battling with trying to tell your linux owncloud-client to use now https instead of http: Don’t wrestle with the graphical interface, it won’t allow you this. Just edit the owncloud config file /home/<YOURUSER>/.local/share/data/ownCloud/owncloud.cfg  by changing the url from http to https.

P.P.S.: You can use the online SSL Server Test Service to validate your https Website and get information about how it is configured and if it is vulnerable.

Tags: , , , , ,

One Response to “How to use letsencrypt to enable https on debian jessie”

  1. Snorlax Says:

    Let’s encrypt and Debian r my options

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: