davidoster / letsencrypt-fast Goto Github PK

The fastest way to test/generate/renew Let's Encrypt SSL certificates!!! Requires root access and a live webserver to run the script at.

License: GNU General Public License v3.0

Shell 100.00%

ssl-certificate flavours renewal expiration lets-encrypt free certificate

letsencrypt-fast's Introduction

letsencrypt-fast

The fastest way to test/generate/renew Let's Encrypt SSL certificates!!!

Requires root access and a live webserver to run the script at.

The script must run on the live web server.

It supports multiple domains/sites on the same server to obtain a valid SSL certificate.

IT DOES NOT stop the server from running in order to validate!

If put on cron it renews automatically 7 days before expiration.

These scripts are based on the excellent work of the people at https://zerossl.com/.

Contains two (2) bash scripts:

install.sh that will install and create the appropriate directories
le.sh that handles all the SSL certificate generation/renewing

The install.sh script is for an Ubuntu/Debian Linux flavour.

If you need to install zerossl for another flavour just navigate here: https://zerossl.com/installation.html

Steps to install

wget https://raw.githubusercontent.com/davidoster/letsencrypt-fast/master/install.sh
sudo chmod 744 ./install.sh
./install.sh

Usage

Arguments

domain = just the name of the domain without the TLD (.xyz) part
www.domain.com,domain.com = the name of the domains you want to register. They need to be comma (,) separated
path to web domain files = the full web path of your site, e.g. /var/html/www/
operation = valid operations are: -t for testing, -l for true generation, -r for auto renewal on 7 days before expiration

Running

For testing

./le.sh domain www.domain.com,domain.com /path/to/webdomain/files/ -t

For real generation

./le.sh domain www.domain.com,domain.com /path/to/webdomain/files/ -l

For renewal (does it 7 days before expiration automatically)

./le.sh domain www.domain.com,domain.com /path/to/webdomain/files/ -r

Auto Renewal

Run the above command in host's cron, e.g.

0 18 * * 1,3,5 root /root/software/le.sh domain domain.com,www.domain.com /path/to/domain/ -r > /dev/null 2>&1

Certificate Files

You can find the domain.crt and domain.key files under

/root/software/keys/domain.key and use these paths to your webserver,

e.g.

/root/software/keys/domain.key/domain.crt

/root/software/keys/domain.key/domain.key

Also inside this directory you can find the domain.csr file along with the file account.key for the domain in let's encrypt systems.

This is a script to help people create their FREE SSL certificate for their site(s) in a very fast and convenient way. It uses the approach from https://zerossl.com/ and installs various Perl packages in order to work. For questions or enhancements : support [at] eletter [dot] gr

**Arrow by Freepik - http://www.freepik.com/free-vector/colorful-indian-arrows_805475.htm

Courtesy of https://eLetter.gr for public unrestricted use!

letsencrypt-fast's People

Contributors

Stargazers

Watchers

Forkers

mihail-kostov w4fz5uck5 vunamhung 5l1v3r1 geopand

letsencrypt-fast's Issues

Does this work?

Web noobie here, got a website running on digital ocean with LAMP install apache2. SSH access. website: www.goeasysmile.com

So do I just follow the: "Steps to install" (which create the appropriate directories)
then: "le.sh that handles all the SSL certificate generation/renewing" (something like "le.sh domain www.goeasysmile.com,goeasysmile.com /var/www/html/ -l")

(i read somewhere that let's encrypt doesn't do multiple subdomains?)

and is that it? my site will have https now with auto renew activated?

Thanks any help appreciated, will wait for your response before moving forward.

Been looking at tutorials like this but they look so long and complicated https://www.digitalocean.com/community/tutorials/how-to-install-an-ssl-certificate-from-a-commercial-certificate-authority

Just looking for basic https for my site to remove the "not secure" thing that pops up when people buy stuff with their credit cards.

Tests fails on ubuntu 20.04 x64 on install

Hi,

Thanks for your script, anyway I encounter a problem with some tests which prevent install.
It's related to this bug

I already have added a missing dependency zlib1g-dev which prevent ld: cannot find -lz error

For your information, it's an LXC container
Linux web 4.15.18-30-pve #1 SMP PVE 4.15.18-58 (Fri, 12 Jun 2020 13:53:01 +0200) x86_64 x86_64 x86_64 GNU/Linux

Compilation log with Net::SSLeay error

Test::More is up to date. (1.302183)
--> Working on Crypt::LE
Fetching http://www.cpan.org/authors/id/L/LE/LEADER/Crypt-LE-0.36.tar.gz ... OK
Configuring Crypt-LE-0.36 ... OK
==> Found dependencies: IO::Socket::SSL, Net::SSLeay
--> Working on IO::Socket::SSL
Fetching http://www.cpan.org/authors/id/S/SU/SULLR/IO-Socket-SSL-2.068.tar.gz ... OK
==> Found dependencies: Net::SSLeay
--> Working on Net::SSLeay
Fetching http://www.cpan.org/authors/id/C/CH/CHRISN/Net-SSLeay-1.88.tar.gz ... OK
Configuring Net-SSLeay-1.88 ... OK
Building and testing Net-SSLeay-1.88 ... FAIL
! Installing Net::SSLeay failed. See /root/.cpanm/work/1607553348.8699/build.log for details. Retry with --force to force install it.
! Installing the dependencies failed: Module 'Net::SSLeay' is not installed
! Bailing out the installation for IO-Socket-SSL-2.068.
! Installing the dependencies failed: Module 'Net::SSLeay' is not installed, Module 'IO::Socket::SSL' is not installed
! Bailing out the installation for Crypt-LE-0.36.

Compilation log with Net::SSLeay error more verbose on the fail part

Manifying 2 pod documents
"/usr/bin/perl" -MExtUtils::Command::MM -e 'cp_nonempty' -- SSLeay.bs blib/arch/auto/Net/SSLeay/SSLeay.bs 644
PERL_DL_NONLAZY=1 "/usr/bin/perl" "-MExtUtils::Command::MM" "-MTest::Harness" "-e" "undef *Test::Harness::Switches; test_harness(0, 'blib/lib', 'blib/arch')" t/local/*.t t/handle/local/*.t
t/handle/local/05_use.t ................ ok   
t/local/01_pod.t ....................... skipped: Test::Pod 1.00 required for testing POD
t/local/02_pod_coverage.t .............. skipped: these tests are for only for release candidate testing. Enable with RELEASE_TESTING=1
t/local/03_use.t ....................... 1/1 # 
# Testing Net::SSLeay 1.88
# 
# Perl information:
#   Version:         '5.030000'
#   Executable path: '/usr/bin/perl'
# 
# libssl information:
#   SSLEAY_VERSION:      'OpenSSL 1.1.1f  31 Mar 2020'
#   SSLEAY_CFLAGS:       'compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -fdebug-prefix-map=/build/openssl-OIe5k7/openssl-1.1.1f=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_TLS_SECURITY_LEVEL=2 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2'
#   SSLEAY_BUILT_ON:     'built on: Wed Dec  2 14:52:44 2020 UTC'
#   SSLEAY_PLATFORM:     'platform: debian-amd64'
#   SSLEAY_DIR:          'OPENSSLDIR: "/usr/lib/ssl"'
#   OPENSSL_ENGINES_DIR: 'ENGINESDIR: "/usr/lib/x86_64-linux-gnu/engines-1.1"'
t/local/03_use.t ....................... ok   
t/local/04_basic.t ..................... ok     
t/local/05_passwd_cb.t ................. ok     
t/local/06_tcpecho.t ................... ok   
t/local/07_sslecho.t ................... ok       
t/local/08_pipe.t ...................... ok     
t/local/09_ctx_new.t ................... ok     
t/local/10_rand.t ...................... ok     
t/local/11_read.t ...................... ok     
t/local/15_bio.t ....................... ok   
t/local/20_autoload.t .................. skipped: Some tests need Test::Exception
t/local/21_constants.t ................. skipped: Some tests need Test::Exception
t/local/30_error.t ..................... skipped: Requires Test::Exception, Test::Warn and Test::NoWarnings
t/local/31_rsa_generate_key.t .......... skipped: Test::Exception required
t/local/32_x509_get_cert_info.t ........ ok         
t/local/33_x509_create_cert.t .......... ok       
t/local/34_x509_crl.t .................. ok     
t/local/35_ephemeral.t ................. skipped: libressl and OpenSSL 1.1 removed support for ephemeral/temporary RSA private keys
t/local/36_verify.t .................... ok       
t/local/37_asn1_time.t ................. ok     
t/local/38_priv-key.t .................. ok     
t/local/39_pkcs12.t .................... ok     
t/local/40_npn_support.t ............... Use of uninitialized value in string eq at t/local/40_npn_support.t line 93.
Use of uninitialized value in numeric eq (==) at t/local/40_npn_support.t line 94.
t/local/40_npn_support.t ............... 1/7 
#   Failed test 'P_next_proto_negotiated/server'
#   at t/local/40_npn_support.t line 59.
#          got: 'spdy/2'
#     expected: undef

#   Failed test 'ssl_read_all compare'
#   at t/local/40_npn_support.t line 62.
#          got: ''
#     expected: 'ssleay-npn-test'

#   Failed test 'P_next_proto_negotiated/client'
#   at /usr/local/share/perl/5.30.0/Test/Builder.pm line 193.

#   Failed test 'P_next_proto_last_status/client'
#   at /usr/local/share/perl/5.30.0/Test/Builder.pm line 193.
# Looks like you failed 2 tests of 7.
t/local/40_npn_support.t ............... Dubious, test returned 2 (wstat 512, 0x200)
Failed 4/7 subtests 
t/local/41_alpn_support.t .............. Use of uninitialized value in string eq at t/local/41_alpn_support.t line 92.
t/local/41_alpn_support.t .............. 1/6 
#   Failed test 'P_alpn_selected/server'
#   at t/local/41_alpn_support.t line 58.
#          got: undef
#     expected: 'spdy/2'

#   Failed test 'ssl_read_all compare'
#   at t/local/41_alpn_support.t line 61.
#          got: ''
#     expected: 'ssleay-alpn-test'

#   Failed test 'P_alpn_selected/client'
#   at /usr/local/share/perl/5.30.0/Test/Builder.pm line 193.
# Looks like you failed 1 test of 6.
t/local/41_alpn_support.t .............. Dubious, test returned 1 (wstat 256, 0x100)
Failed 3/6 subtests 
t/local/42_info_callback.t ............. 1/2 
#   Failed test 'ctx: CB_HANDSHAKE_START CB_CONNECT_EXIT'
#   at t/local/42_info_callback.t line 100.

#   Failed test 'ssl: CB_HANDSHAKE_START CB_CONNECT_EXIT'
#   at t/local/42_info_callback.t line 100.
# Looks like you failed 2 tests of 2.
t/local/42_info_callback.t ............. Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/2 subtests 
t/local/43_misc_functions.t ............ ok     
t/local/44_sess.t ...................... Use of uninitialized value $end in string eq at t/local/44_sess.t line 219.
t/local/44_sess.t ...................... Failed 58/58 subtests 
t/local/45_exporter.t .................. ^Cmake: *** [Makefile:1065: test_dynamic] Interrupt

Did you have a fix ?

le.pl not found

When i issue the command, i get the following

Testing...
./le.sh: line 33: le.pl: command not found

Please where is the file for le.pl

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.

Jobs

Jooble