First time using LetsEncrypt so I wanted to check before I did this. I want to create a certificate for my hostname as well as the other services (ftp, pop3, imap, smtp, interworx-ssl, web-server, etc).
Is just generating a cert using the below command with certbot good enough for this? Going to generate the cert with the hostname and then use the cert/privkey to update all services. I use mail.domain.com instead of hostname.domain.com for mail though, so I assume I’ll have to create a separate one for mail, or will the hostname one work for that as well?
If you upgrade to release candidate, multi CN is an option
However, it has only just come out of beta and I reported a bug with it, which Nathan reviewed and found a missing symlink, so will be in beta for a few weeks I guess
Should work lovely once it released from beta
Hope that helps
The single SSL cert should cover all CN you have selected
you reported a bug with the multi CN feature? Does said bug prevent it from working? Would rather a manual option that works right now then waiting a few weeks for it to get fixed
An unexpected error occurred:
ImportError: version conflict: ‘/usr/lib64/python2.7/site-packages/psutil/_psutil_linux.so’ C extension module was built for another version of psutil (different than 2.2.1)
Please see the logfile ‘certbot.log’ for more details.
Log File:
Traceback (most recent call last):
File “/usr/bin/certbot”, line 9, in <module>
load_entry_point(‘certbot==0.8.1’, ‘console_scripts’, ‘certbot’)()
File “/usr/lib/python2.7/site-packages/certbot/main.py”, line 700, in main
plugins = plugins_disco.PluginsRegistry.find_all()
File “/usr/lib/python2.7/site-packages/certbot/plugins/disco.py”, line 174, in find_all
plugin_ep = PluginEntryPoint(entry_point)
File “/usr/lib/python2.7/site-packages/certbot/plugins/disco.py”, line 33, in init
self.plugin_cls = entry_point.load()
File “/usr/lib/python2.7/site-packages/pkg_resources/init.py”, line 2229, in load
return self.resolve()
File “/usr/lib/python2.7/site-packages/pkg_resources/init.py”, line 2235, in resolve
module = import(self.module_name, fromlist=[‘name’], level=0)
File “/usr/lib/python2.7/site-packages/certbot/plugins/standalone.py”, line 19, in <module>
from certbot.plugins import util
File “/usr/lib/python2.7/site-packages/certbot/plugins/util.py”, line 5, in <module>
import psutil
File “/usr/lib64/python2.7/site-packages/psutil/init.py”, line 181, in <module>
raise ImportError(msg)
ImportError: version conflict: ‘/usr/lib64/python2.7/site-packages/psutil/_psutil_linux.so’ C extension module was built for another version of psutil (different than 2.2.1)
There’s another thread started I thought about this
You should be able to add hostname as a siteworx account and create SSL using generate using LE, then copy and paste into hostname SSL of nodeworx
You may also be able to run LE manually, if your DNS records are correct and tell it where to save the files, but this method, I have not tried
Please understand though, LE is not a wildcard SSL and would need renewing every 2 or 3 months. Sorry, I cannot remember the exact time length the LE SSL runs for