2015-01-25 15:30:24 -05:00
|
|
|
==============================
|
|
|
|
|
Using the Let's Encrypt client
|
|
|
|
|
==============================
|
|
|
|
|
|
2015-05-06 05:33:56 -04:00
|
|
|
Quick start
|
|
|
|
|
===========
|
|
|
|
|
|
2015-06-19 07:01:56 -04:00
|
|
|
Using Docker_ you can quickly get yourself a testing cert. From the
|
2015-05-06 05:33:56 -04:00
|
|
|
server that the domain your requesting a cert for resolves to,
|
2015-06-19 07:01:56 -04:00
|
|
|
`install Docker`_, issue the following command:
|
2015-05-06 05:33:56 -04:00
|
|
|
|
|
|
|
|
.. code-block:: shell
|
|
|
|
|
|
|
|
|
|
sudo docker run -it --rm -p 443:443 --name letsencrypt \
|
2015-05-19 18:01:01 -04:00
|
|
|
-v "/etc/letsencrypt:/etc/letsencrypt" \
|
|
|
|
|
-v "/var/lib/letsencrypt:/var/lib/letsencrypt" \
|
2015-06-24 00:53:11 -04:00
|
|
|
quay.io/letsencrypt/letsencrypt:latest
|
2015-05-06 05:33:56 -04:00
|
|
|
|
2015-06-19 07:01:56 -04:00
|
|
|
and follow the instructions. Your new cert will be available in
|
2015-05-06 05:33:56 -04:00
|
|
|
``/etc/letsencrypt/certs``.
|
|
|
|
|
|
2015-06-19 07:01:56 -04:00
|
|
|
.. _Docker: https://docker.com
|
|
|
|
|
.. _`install Docker`: https://docs.docker.com/docker/userguide/
|
|
|
|
|
|
2015-05-06 05:33:56 -04:00
|
|
|
|
2015-06-19 07:00:00 -04:00
|
|
|
Getting the code
|
|
|
|
|
================
|
|
|
|
|
|
|
|
|
|
Please `install Git`_ and run the following commands:
|
|
|
|
|
|
|
|
|
|
.. code-block:: shell
|
|
|
|
|
|
2015-06-24 00:53:11 -04:00
|
|
|
git clone https://github.com/letsencrypt/letsencrypt
|
|
|
|
|
cd letsencrypt
|
2015-06-19 07:00:00 -04:00
|
|
|
|
|
|
|
|
Alternatively you could `download the ZIP archive`_ and extract the
|
|
|
|
|
snapshot of our repository, but it's strongly recommended to use the
|
|
|
|
|
above method instead.
|
|
|
|
|
|
|
|
|
|
.. _`install Git`: https://git-scm.com/book/en/v2/Getting-Started-Installing-Git
|
|
|
|
|
.. _`download the ZIP archive`:
|
2015-06-24 00:53:11 -04:00
|
|
|
https://github.com/letsencrypt/letsencrypt/archive/master.zip
|
2015-06-19 07:00:00 -04:00
|
|
|
|
|
|
|
|
|
2015-09-27 16:57:31 -04:00
|
|
|
.. _prerequisites:
|
|
|
|
|
|
2015-01-25 15:30:24 -05:00
|
|
|
Prerequisites
|
|
|
|
|
=============
|
|
|
|
|
|
2015-04-02 07:32:38 -04:00
|
|
|
The demo code is supported and known to work on **Ubuntu and
|
|
|
|
|
Debian**. Therefore, prerequisites for other platforms listed below
|
|
|
|
|
are provided mainly for the :ref:`developers <hacking>` reference.
|
2015-01-25 15:30:24 -05:00
|
|
|
|
|
|
|
|
In general:
|
|
|
|
|
|
2015-04-14 10:18:11 -04:00
|
|
|
* ``sudo`` is required as a suggested way of running privileged process
|
2015-06-12 08:58:17 -04:00
|
|
|
* `Augeas`_ is required for the Python bindings
|
2015-01-26 08:58:24 -05:00
|
|
|
|
2015-01-25 15:30:24 -05:00
|
|
|
|
|
|
|
|
Ubuntu
|
|
|
|
|
------
|
|
|
|
|
|
2015-03-22 18:25:50 -04:00
|
|
|
.. code-block:: shell
|
2015-01-25 15:30:24 -05:00
|
|
|
|
2015-04-14 10:18:11 -04:00
|
|
|
sudo ./bootstrap/ubuntu.sh
|
2015-01-25 15:30:24 -05:00
|
|
|
|
|
|
|
|
|
2015-04-02 07:32:38 -04:00
|
|
|
Debian
|
|
|
|
|
------
|
|
|
|
|
|
|
|
|
|
.. code-block:: shell
|
|
|
|
|
|
2015-04-14 10:18:11 -04:00
|
|
|
sudo ./bootstrap/debian.sh
|
2015-04-02 07:32:38 -04:00
|
|
|
|
2015-05-17 02:52:33 -04:00
|
|
|
For squeeze you will need to:
|
2015-04-02 07:32:38 -04:00
|
|
|
|
|
|
|
|
- Use ``virtualenv --no-site-packages -p python`` instead of ``-p python2``.
|
|
|
|
|
|
|
|
|
|
|
2015-06-24 00:53:11 -04:00
|
|
|
.. _`#280`: https://github.com/letsencrypt/letsencrypt/issues/280
|
2015-04-02 07:32:38 -04:00
|
|
|
|
|
|
|
|
|
2015-01-25 15:30:24 -05:00
|
|
|
Mac OSX
|
|
|
|
|
-------
|
|
|
|
|
|
2015-03-22 18:25:50 -04:00
|
|
|
.. code-block:: shell
|
2015-01-26 08:58:24 -05:00
|
|
|
|
2015-07-23 03:47:11 -04:00
|
|
|
./bootstrap/mac.sh
|
2015-01-25 15:30:24 -05:00
|
|
|
|
2015-06-18 09:55:32 -04:00
|
|
|
|
2015-06-18 09:59:59 -04:00
|
|
|
Fedora
|
|
|
|
|
------
|
|
|
|
|
|
|
|
|
|
.. code-block:: shell
|
|
|
|
|
|
|
|
|
|
sudo ./bootstrap/fedora.sh
|
|
|
|
|
|
|
|
|
|
|
2015-06-18 08:58:55 -04:00
|
|
|
Centos 7
|
|
|
|
|
--------
|
2015-06-18 09:55:32 -04:00
|
|
|
|
2015-06-18 08:58:55 -04:00
|
|
|
.. code-block:: shell
|
|
|
|
|
|
|
|
|
|
sudo ./bootstrap/centos.sh
|
2015-01-25 15:30:24 -05:00
|
|
|
|
|
|
|
|
|
2015-09-05 15:02:19 -04:00
|
|
|
FreeBSD
|
|
|
|
|
-------
|
|
|
|
|
|
|
|
|
|
.. code-block:: shell
|
|
|
|
|
|
2015-09-07 01:32:51 -04:00
|
|
|
sudo ./bootstrap/freebsd.sh
|
2015-09-05 15:02:19 -04:00
|
|
|
|
|
|
|
|
Bootstrap script for FreeBSD uses ``pkg`` for package installation,
|
|
|
|
|
i.e. it does not use ports.
|
|
|
|
|
|
|
|
|
|
FreeBSD by default uses ``tcsh``. In order to activate virtulenv (see
|
|
|
|
|
below), you will need a compatbile shell, e.g. ``pkg install bash &&
|
|
|
|
|
bash``.
|
|
|
|
|
|
|
|
|
|
|
2015-06-18 09:55:32 -04:00
|
|
|
Installation
|
2015-06-18 08:58:55 -04:00
|
|
|
============
|
|
|
|
|
|
2015-07-11 02:09:52 -04:00
|
|
|
.. "pip install acme" doesn't search for "acme" in cwd, just like "pip
|
2015-10-04 04:55:13 -04:00
|
|
|
install -e acme" does; `-U setuptools pip` necessary for #722
|
2015-07-11 02:09:52 -04:00
|
|
|
|
2015-06-18 08:58:55 -04:00
|
|
|
.. code-block:: shell
|
|
|
|
|
|
|
|
|
|
virtualenv --no-site-packages -p python2 venv
|
separate pip install -U setuptools pip
https://travis-ci.org/jsha/boulder/jobs/83762761#L557
Success: virtualenv --no-site-packages -p python2 ./venv
./venv/bin/pip install -U setuptools pip
Downloading/unpacking distribute from https://pypi.python.org/packages/source/d/distribute/distribute-0.7.3.zip#md5=c6c59594a7b180af57af8a0cc0cf5b4a
Downloading distribute-0.7.3.zip (145Kb): 145Kb downloaded
Running setup.py egg_info for package distribute
Downloading/unpacking pip from https://pypi.python.org/packages/source/p/pip/pip-7.1.2.tar.gz#md5=3823d2343d9f3aaab21cf9c917710196
Downloading pip-7.1.2.tar.gz (1.0Mb): 1.0Mb downloaded
Running setup.py egg_info for package pip
warning: no previously-included files found matching '.coveragerc'
warning: no previously-included files found matching '.mailmap'
warning: no previously-included files found matching '.travis.yml'
warning: no previously-included files found matching 'pip/_vendor/Makefile'
warning: no previously-included files found matching 'tox.ini'
warning: no previously-included files found matching 'dev-requirements.txt'
no previously-included directories found matching '.travis'
no previously-included directories found matching 'docs/_build'
no previously-included directories found matching 'contrib'
no previously-included directories found matching 'tasks'
no previously-included directories found matching 'tests'
Downloading/unpacking setuptools>=0.7 (from distribute)
Downloading setuptools-18.3.2.tar.gz (626Kb): 626Kb downloaded
Running setup.py egg_info for package setuptools
Installing collected packages: distribute, pip, setuptools
Found existing installation: distribute 0.6.24
Uninstalling distribute:
Successfully uninstalled distribute
Running setup.py install for distribute
Found existing installation: pip 1.1
Uninstalling pip:
Successfully uninstalled pip
Running setup.py install for pip
Traceback (most recent call last):
File "<string>", line 1, in <module>
ImportError: No module named setuptools
Complete output from command /home/travis/letsencrypt/venv/bin/python2 -c "import setuptools;__file__='/home/travis/letsencrypt/venv/build/pip/setup.py';exec(compile(open(__file__).read().replace('\r\n', '\n'), __file__, 'exec'))" install --single-version-externally-managed --record /tmp/pip-4lZMdG-record/install-record.txt --install-headers /home/travis/letsencrypt/venv/include/site/python2.7:
Traceback (most recent call last):
File "<string>", line 1, in <module>
ImportError: No module named setuptools
----------------------------------------
Rolling back uninstall of pip
Exception:
Traceback (most recent call last):
File "/home/travis/letsencrypt/venv/local/lib/python2.7/site-packages/pip-1.1-py2.7.egg/pip/basecommand.py", line 104, in main
status = self.run(options, args)
File "/home/travis/letsencrypt/venv/local/lib/python2.7/site-packages/pip-1.1-py2.7.egg/pip/commands/install.py", line 250, in run
requirement_set.install(install_options, global_options)
File "/home/travis/letsencrypt/venv/local/lib/python2.7/site-packages/pip-1.1-py2.7.egg/pip/req.py", line 1137, in install
requirement.rollback_uninstall()
File "/home/travis/letsencrypt/venv/local/lib/python2.7/site-packages/pip-1.1-py2.7.egg/pip/req.py", line 491, in rollback_uninstall
self.uninstalled.rollback()
File "/home/travis/letsencrypt/venv/local/lib/python2.7/site-packages/pip-1.1-py2.7.egg/pip/req.py", line 1450, in rollback
pth.rollback()
AttributeError: 'str' object has no attribute 'rollback'
Storing complete log in /home/travis/.pip/pip.log
[!] FAILURE: ./venv/bin/pip install -U setuptools pip
./venv/bin/pip install -r requirements.txt -e acme -e . -e letsencrypt-apache -e letsencrypt-nginx
Traceback (most recent call last):
File "./venv/bin/pip", line 5, in <module>
from pkg_resources import load_entry_point
ImportError: No module named pkg_resources
2015-10-05 16:06:48 -04:00
|
|
|
./venv/bin/pip install -U setuptools
|
|
|
|
|
./venv/bin/pip install -U pip
|
2015-07-11 02:09:52 -04:00
|
|
|
./venv/bin/pip install -r requirements.txt acme/ . letsencrypt-apache/ letsencrypt-nginx/
|
2015-06-18 09:55:32 -04:00
|
|
|
|
2015-06-19 06:49:18 -04:00
|
|
|
.. warning:: Please do **not** use ``python setup.py install``. Please
|
|
|
|
|
do **not** attempt the installation commands as
|
|
|
|
|
superuser/root and/or without Virtualenv_, e.g. ``sudo
|
|
|
|
|
python setup.py install``, ``sudo pip install``, ``sudo
|
|
|
|
|
./venv/bin/...``. These modes of operation might corrupt
|
|
|
|
|
your operating system and are **not supported** by the
|
|
|
|
|
Let's Encrypt team!
|
|
|
|
|
|
2015-01-25 15:30:24 -05:00
|
|
|
|
|
|
|
|
Usage
|
|
|
|
|
=====
|
|
|
|
|
|
2015-06-19 07:21:51 -04:00
|
|
|
To get a new certificate run:
|
|
|
|
|
|
|
|
|
|
.. code-block:: shell
|
|
|
|
|
|
2015-09-02 16:11:13 -04:00
|
|
|
sudo ./venv/bin/letsencrypt auth
|
2015-06-19 07:21:51 -04:00
|
|
|
|
2015-06-19 07:03:05 -04:00
|
|
|
The ``letsencrypt`` commandline tool has a builtin help:
|
2015-01-25 15:30:24 -05:00
|
|
|
|
2015-03-22 18:25:50 -04:00
|
|
|
.. code-block:: shell
|
2015-01-25 15:30:24 -05:00
|
|
|
|
2015-02-24 11:02:01 -05:00
|
|
|
./venv/bin/letsencrypt --help
|
2015-01-25 15:30:24 -05:00
|
|
|
|
|
|
|
|
|
2015-07-03 11:02:01 -04:00
|
|
|
Configuration file
|
|
|
|
|
------------------
|
|
|
|
|
|
|
|
|
|
It is possible to specify configuration file with
|
|
|
|
|
``letsencrypt --config cli.ini`` (or shorter ``-c cli.ini``). For
|
|
|
|
|
instance, if you are a contributor, you might find the following
|
|
|
|
|
handy:
|
|
|
|
|
|
|
|
|
|
.. include:: ../examples/dev-cli.ini
|
|
|
|
|
:code: ini
|
|
|
|
|
|
|
|
|
|
By default, the following locations are searched:
|
|
|
|
|
|
|
|
|
|
- ``/etc/letsencrypt/cli.ini``
|
|
|
|
|
- ``$XDG_CONFIG_HOME/letsencrypt/cli.ini`` (or
|
|
|
|
|
``~/.config/letsencrypt/cli.ini`` if ``$XDG_CONFIG_HOME`` is not
|
|
|
|
|
set).
|
|
|
|
|
|
|
|
|
|
.. keep it up to date with constants.py
|
|
|
|
|
|
|
|
|
|
|
2015-06-12 08:58:17 -04:00
|
|
|
.. _Augeas: http://augeas.net/
|
2015-06-19 06:49:18 -04:00
|
|
|
.. _Virtualenv: https://virtualenv.pypa.io
|
