A civic-minded citizen seeking the singularity

An entry

Let's Encrypt with Pivotal CWF

Date: 2016-01-31
Status: release
Tags: ssl devops programming

Let's Encrypt Stuff

  • Get the Cert
    • clone the Github repo
    • run ./letsencrypt-auto certonly --standalone -d example.com -d www.example.com
    • ensure your site responds to /.well-known/acme-challenge...
    • note: if you use multiple domains, you'll need to respond to each key. For rails, I have a route that responds conditionally to each key
    • find the .pem in /etc/letsencrypt/live/example.com/fullchain.pem
    • cat the .key text from etc/letsencrypt/keys/0001_key-letsencrypt.pem

Pivotal Cloud Foundry Stuff

DNS Stuff

  • update the CNAME of your webhost to point to the new SSL-enabled endpoint on PWS, example: www.example.com-abcd1234.ssl.run.pivotal.io