Let’s Encrypt Renewal

Yeah yeah, SSL certificates expired like what, a month and a half ago? Anyway, I needed to renew it but it attached a bunch of domains to the certificate on this host and I needed to start over. There are a bunch of options but the most straighforward for me was to just delete everything and start over. So, in the shell:

# cp /etc/letsencrypt /etc/letsencrypt.backup -r
# rm -rf /etc/letsencrypt/live
# rm -rf /etc/letsencrypt/archive
# rm -rf /etc/letsencrypt/renewal/YOURCERTIFICATEDOMAIN.conf
# certbot certonly

At this point it’ll ask you for webroot an’ stuff so just answer the questions and nobody gets hurt. These instructions work for Apache but I’m using NginX, so then you have to edit the configuration for the site(s) in /etc/nginx/sites-available/. There will be a couple lines going like:

ssl_certificate /etc/letsencrypt/live/OLDCERTIFICATEDOMAIN/fullchain.pem; # managed by Certbot
ssl_certificate /etc/letsencrypt/archive/OLDCERTIFICATEDOMAIN/fullchain.pem; # managed by Certbot

Just update them to point to the most current certification location, then restart NginX with service nginx restart

HTTPS

I done went and got SSL on this here site by way of Let’s Encrypt. It was pretty easy.

Not so easy was the run up to get it installed:

  • Update Debian with latest packages
  • Realize Debian is now on oldstable (jessie)
  • Update Debian to stable (squeeze)
  • BREAK EVERYTHING
  • Kinda-sorta fix it (aptitute still suicides on forking)
  • Run $ sudo certbot --nginx and marvel at how far we’ve come along

The last time I tries setting up SSL was a total pain in the ass, and it only got me a self-signed certificate that all of the browsers kept complaining about.

Yay for one thing taken off the bucket list. As an aside, I changed the permalink structure cos long URLs that use a date/time format are annoying and hard to remember. I got the idea for switching from here. I hear it plays hell with your SEO but I don’t particularly care about it here. Everyday at work I suffer from URLs that mean one thing for one person but something entirely different for someone else depending what they are doing.

Annoying as fuck, let me tell you.

Now I just need to figure out a plugin that will let me type stuff into the WP editor in markdown/commonmark, and not make the plugins kill themselves.