{"id":524,"date":"2020-10-09T09:19:30","date_gmt":"2020-10-09T14:19:30","guid":{"rendered":"http:\/\/nukeitmike.com\/blog\/?p=524"},"modified":"2020-10-09T09:19:30","modified_gmt":"2020-10-09T14:19:30","slug":"lets-encrypt","status":"publish","type":"post","link":"https:\/\/blog.nukeitmike.com\/index.php\/2020\/10\/09\/lets-encrypt\/","title":{"rendered":"Let\u2019s Encrypt"},"content":{"rendered":"

As I posted previously, I am working on moving all of my websites to Azure.  I started with the easiest one, which is a static page.  So far, I have moved it, and it is now reachable via HTTPS, but not without the \u2018www\u2019.  While that isn\u2019t important for that particular site, it is important for this site, because there are at least 10 links to this site from external pages.  (Mostly people who copied the wrong link when they got lost and found themselves here, but still\u2026)<\/p>\n

If you haven\u2019t heard about it:<\/p>\n

\n

\u201dLet’s Encrypt is a free, automated, and open certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG)<\/a>.\u201d<\/p>\n<\/blockquote>\n

Since I am not making money off of any of my sites, I am happy with the \u2018free\u2019 price.<\/p>\n

Let\u2019s Encrypt is geared toward making certificate renewal easy and automated.  As I have mentioned before, easy doesn\u2019t always work for me.  <\/p>\n

The way you work with Let\u2019s Encrypt is via software running the \u2018ACME protocol\u2019<\/a>.  In this case, ACME is Automatic Certificate Management Environment.  In this post, we are going to remove as much of the \u2018Automatic\u2019 as possible.<\/p>\n

First up, I am a Windows guy, and at the moment, I am really not interested in automating the certificate process.  (I will be later, but not today.)  So I first download the Certbot installer for Windows at <\/p>\n

https:\/\/dl.eff.org\/certbot-beta-installer-win32.exe<\/a><\/p>\n

and then get complained at by my computer because this isn\u2019t often downloaded, and looks funny.<\/p>\n

Once you install it, navigate to the install directory and run the \u2018run.bat\u2019.  It wants to run elevated, and begins with the friendly instruction to run \u2018certbot\u2019 commands here, and tells you how to find help:
\"image\"<\/a><\/p>\n

To get to where I need to go, I need to do the Cert only option:<\/p>\n

\"image\"<\/a><\/p>\n

Enter your email, agree to the Terms of Service, agree to be emailed (or not) by EFF, and then enter your domain names.<\/p>\n

\"image\"<\/a><\/p>\n

Fun fact, they log the IP requesting the cert.  I am requesting it from a computer that is NOT the host for my domain.  Also, I need to get the cert to make the root work, so I need to use the DNS challenge.  To get to that, I needed to run \u2018certbot \u2013manual \u2013preferred-challenge dns\u2019.  After running that, it gives me a DNS TXT entry to add, which will verify I own the domain.  Once the text value is entered, hit enter to continue, and get your cert:
\"image\"<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

As I posted previously, I am working on moving all of my websites to Azure.  I started with the easiest one, which is a static page.  So far, I have moved it, and it is now reachable via HTTPS, but not without the \u2018www\u2019.  While that isn\u2019t important for that particular site, it is important… Continue reading Let\u2019s Encrypt<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[37],"tags":[59,60,113],"class_list":["post-524","post","type-post","status-publish","format-standard","hentry","category-web-stuff","tag-certbot","tag-certificate","tag-lets-encrypt","entry"],"jetpack_featured_media_url":"","jetpack-related-posts":[],"jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pcW544-8s","_links":{"self":[{"href":"https:\/\/blog.nukeitmike.com\/index.php\/wp-json\/wp\/v2\/posts\/524","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.nukeitmike.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.nukeitmike.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.nukeitmike.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.nukeitmike.com\/index.php\/wp-json\/wp\/v2\/comments?post=524"}],"version-history":[{"count":0,"href":"https:\/\/blog.nukeitmike.com\/index.php\/wp-json\/wp\/v2\/posts\/524\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.nukeitmike.com\/index.php\/wp-json\/wp\/v2\/media?parent=524"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.nukeitmike.com\/index.php\/wp-json\/wp\/v2\/categories?post=524"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.nukeitmike.com\/index.php\/wp-json\/wp\/v2\/tags?post=524"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}