You can now install valid SSL certificates with Let’s Encrypt using QuickBox’s builtin installer.
Using Let’s Encrypt for SSL on your seedbox is a great way to have a valid certificate and avoid all the nag screens and exceptions that you have to jump through when dealing with self-signed certificates. Let’s Encrypt provides an easy way to obtain and install trusted certificates for absolutely no cost, other a couple of minutes of time.
Before we start, it is required that you have a valid domain name. Purchase one anywhere you like… they are not too expensive. You will then need to setup an A Record for the domain to point the IP of your seedbox towards. I would recommend CloudFlare… there are several reasons why CloudFlare is a good choice, but the biggest is that once again, it’s free.
box install letsencrypt and follow the instructions
In the near future, QuickBox will provide an option to donate to the Project any amount you like and we’ll hook you up on a subdomain, ie. myseedbox.quickbox.io. Obviously, there would be limitations to this method as someone could already have a subdomain, so we’ll sort those details as it plays out… for now, domains are relatively cheap.
NOW AVAILABLE here
EVERYTHING BELOW IS OUTDATED
Setup and install Let’s Encrypt
###Option 1: Sever has its own Domain
apt-get -y install git git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt cd /opt/letsencrypt ./letsencrypt-auto --apache -d your_domain.com -d sub.your_domain.com
Replace your_domain.com and sub.your_domain.com with that of your actual domain. Subdomains are only needed if you are attaching your seedbox to another domain, ie; mybox.seedbox.com use Option 2.
Option 2: Server is on a Subdomain
apt-get -y install git git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt cd /opt/letsencrypt\r\n./letsencrypt-auto --apache -d sub.your_domain.com
You may receive a prompt asking which configuration file to use for Let’s Encrypt, it is important that you choose 000-default.conf and not default-ssl.conf. Choosing default-ssl.conf can and in most cases wipe the QiuckBox default-ssl.conf already in place, this results in needing to rebuild the apache configuration files.
Then setup auto-renewal of the ca-certificate
Now add a crontab
sudo crontab -e
Enter the following:
30 2 * * 1 /opt/letsencrypt/letsencrypt-auto renew >> /var/log/le-renew.log
Save and exit.
This will create a new cron job that will execute the letsencrypt-auto renew command every Monday at 2:30 am. The output produced by the command will be piped to a log file located at /var/log/le-renewal.log.
Next, you will also need to change your DocumentRoot after you install let’sencrypt … The good news is you can do it with one string :
sed -i "s|DocumentRoot /var/www/html|DocumentRoot /srv/rutorrent/home/|g" /etc/apache2/sites-enabled/000-default-le-ssl.conf && service apache2 restart