Jump to content

Setup let’s encrypt on FreeBSD

Linux Hint

Recommended Posts

This tutorial is about installing Let’s Encrypt, a Certificate Authority (CA) that alleviates the process of TLS/SSL certification. The TLS/SSL certification, in turn, serves as an indispensable element of HTTPS authentication on an online server. Let’s Encrypt comes with a software client named Certbot that employs automation techniques to strips the certification process of any intricate technicalities for the user’s convenience.

In this article, we’ll explain how to set up let’s Encrypt on FreeBSD and list some of the fundamentals to help you start with it.

How to install Certbot

The latest release for Certbot can be acquired by downloading and extracting the python packages. Use the pkg command as under if you're using Python 2.7:

$ pkg install py27-certbot


And if you’re using python 3.7, type in:

$ pkg install py37-certbot


The command above should install Certbot on your FreeBSD system.

Getting started with Certbot

Register Certbot

Before we begin creating certificates, we’ll need a /usr/local/etc/letsencrypt/letsencrypt.ini file for our user account. Type out the contents below in your file:

# rsa-key-size = 4096

# server = https://acme-v02.api.letsencrypt.org/directory

# email = email@domain.tld

# text = True

# agree-tos = True

# renew-by-default = True

# authenticator = standalone


Then issue the command below in the shell to register Certbot:

$ certbot register


Create a Certificate With Certbot

Creating a certificate with Certbot is as simple as it gets: use the standalone server for TLS/SSL authentication.

However, using the standalone server means putting your web server on hold for a few seconds. If you cannot afford to shut down the hosting service, you can create certificates with webroot.

To create a certificate with webroot, type out the following command in the shell:

$ certbot certonly -c /usr/local/etc/letsencrypt/letsencrypt.ini -d domain.tld -d www.domain.tld


Renew certifications with Certbot

The certifications can be updated automatically with Certbot. Type in the command below to update your certificates with Certbot.

$ certbot renew


Erasing certificates

Deleting certificates with certbot is very easy, as long as you know the exact name of the certificate you want to be deleted. To list all the authenticated certificate

$ certbot certificates

The screenshot below shows the likely output you’ll get out of this command:

The command syntax for deleting a certificate with certbot is:

$ certbot delete --cert-name domain.tld

The referenced certificate should be deleted with the command above.

Wrapping up

Ok, folks, this tutorial was about setting up Let’s Encrypt on a FreeBSD system and using the Certbot supervisor to automatically create, authenticate and remove TLS/SSL certificates.

Certbot can be vital for users who frequently have to update certificates themselves, manually, which can be a tedious process.

View the full article

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...