Today I wanted to add HTTPS support using Let’s Encrypt certificates for couple of old sites on very outdated legacy server, running Ubuntu 10.04.4 LTS and apache2.
The default “certbot” client which I’m using on other servers didn’t work because of outdated python and openssl version, so after some googling and trying couple of other clients, I finally found one that worked easy and flawlessly. It’s called acme.sh – https://github.com/Neilpang/acme.sh
After setup I ran (as root):
acme.sh --issue -d domain.com -d www.domain.com /home/domain/html/ \ -d otherdomain.com -w /home/otherdomain/html/ \ --certpath /etc/ssl/certs/domain.crt \ --keypath /etc/ssl/certs/domain.key \ --fullchainpath /etc/ssl/certs/intermediate.pem \ --reloadcmd "service apache2 restart"
In apache config file for the virtual host I added:
SSLEngine on SSLCertificateFile /etc/ssl/certs/domain.crt SSLCertificateKeyFile /etc/ssl/certs/domain.key SSLCertificateChainFile /etc/ssl/certs/intermediate.pem
And finally added acme.sh to crontab as described in its github page.