[TOP TIP] Let's encrypt bash script!

Small linodes with low memory may have trouble running the python client for Let's Encrypt.

I found a rather impressive client, fully written as a bash script, which has a very low memory footprint and runs beautifully on linode servers. I'm not the author, but I think others may find it useful, you can get it from: https://github.com/lukas2511/dehydrated (old url: https://github.com/lukas2511/letsencrypt.sh)

I've been using it for quite some time over the python client and I'm very happy, it is very nicely coded and has active support from the developer. Here is how I've set it up:

• download under /root/letsencrypt

• create the directory /etc/pki/letsencrypt

• create the file /etc/pki/letsencrypt/domains.txt

• add all my domains/subdomains/aliases into the domains.txt file

• modify the config.sh file to point BASEDIR to /etc/pki/letsencrypt

• modify the config.sh file to point CONTACT_EMAIL to an email address

• modify the config.sh file to point WELLKNOWN to a publicly accessible web directory (port 80 only!)

• run /root/letsencrypt/letsencrypt.sh –cron --config /root/letsencrypt/config.sh

You may then symlink the certificates from /etc/pki/letsencrypt/certs/ to /etc/pki/tls/ (certs & private)

Here is a quick cron job to make the above run once per day:

#minute (0-59)
#|   hour (0-23)
#|   |    day of the month (1-31)
#|   |    |   month of the year (1-12 or Jan-Dec)
#|   |    |   |   day of the week (0-6 with 0=Sun or Sun-Sat)
#|   |    |   |   |   commands
#|   |    |   |   |   |

4    4    *   *   *   /root/letsencrypt/dehydrated --cron --config /root/letsencrypt/config --challenge http-01 >/dev/null

edit

The project changed its name to "Dehydrated" because "letsencrypt.sh" was too similar to the official name of Let's Encrypt. I updated the download link above, but the rest of the instructions remain the same. I also added the cron job command. Enjoy…