Tags: ssl, devops, programming
Status: release
Date: 2016-01-31
Let's Encrypt with Pivotal CWF
Let's Encrypt Stuff
- Get the Cert
- clone the Github repo
- run ./letsencrypt-auto certonly --standalone -d example.com -d www.example.com
- ensure your site responds to /.well-known/acme-challenge...
- note: if you use multiple domains, you'll need to respond to each key. For Rails, I have a route that responds conditionally to each key
- find the .pem in /etc/letsencrypt/live/example.com/fullchain.pem
- cat the .key text from /etc/letsencrypt/keys/0001_key-letsencrypt.pem
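The note above about answering each domain's challenge, as an added example (not the author's Rails route): a Rack-compatible responder in plain Ruby that maps each challenge token to its key authorization and returns 404 for everything else. The tokens and key authorizations are constructed sample values, and the class and helper names are hypothetical.

```ruby
# Added example: Rack-compatible HTTP-01 responder for several domains.
# CHALLENGES holds constructed sample data; real values come from the
# ACME client, one token per domain being validated.
CHALLENGES = {
  "tokenForExampleCom_0001" => "tokenForExampleCom_0001.constructedThumbprintA",
  "tokenForWwwExample-0002" => "tokenForWwwExample-0002.constructedThumbprintA"
}.freeze

class AcmeChallengeResponder
  PREFIX = "/.well-known/acme-challenge/".freeze
  # base64url alphabet only; \A and \z (not ^ and $) so a trailing
  # newline cannot slip past the check.
  TOKEN_FORMAT = /\A[A-Za-z0-9_-]+\z/

  def initialize(challenges)
    @challenges = challenges
  end

  # Rack interface: returns [status, headers, body].
  def call(env)
    return not_found unless env["REQUEST_METHOD"] == "GET"
    path = env["PATH_INFO"].to_s
    return not_found unless path.start_with?(PREFIX)

    token = path[PREFIX.length..-1]
    # Reject anything that is not a bare token (slashes, dots, empty string).
    return not_found unless token.match?(TOKEN_FORMAT)

    # Look the token up in a fixed table; never build a file path from it.
    key_authorization = @challenges[token]
    return not_found if key_authorization.nil?

    [200, { "content-type" => "text/plain" }, [key_authorization]]
  end

  private

  def not_found
    [404, { "content-type" => "text/plain" }, ["not found"]]
  end
end

# Helper for exercising the responder without starting a web server.
def acme_get(path, method = "GET")
  AcmeChallengeResponder.new(CHALLENGES).call("REQUEST_METHOD" => method, "PATH_INFO" => path)
end
```

Because any object with a call(env) method is a Rack app, the same class can be mounted in a Rails routes file or run from a config.ru.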
Pivotal Cloud Foundry Stuff
- add a domain
- add an SSL cert
- upload the .pem and .key text from above into the "Manage" section of the SSL-Addon service in Pivotal Web Services
- create routes
cf create-route my-space private-domain.com
reference: https://docs.run.pivotal.io/devguide/deploy-apps/routes-domains.html#private-domains
DNS Stuff
- update the CNAME of your webhost to point to the new SSL-enabled endpoint on PWS, example: www.example.com-abcd1234.ssl.run.pivotal.io