Ask HN: Easiest and least painful way of adding Lets Encrypt?

8 points by turshija ↗ HN
I have a Debian box (LAMP) with some legacy PHP sites where I want to put Lets Encrypt SSL. What is the most painful way of doing that without disturbing any site that's currently running on it ? Is there any tool or script which does most of the job so that I don't have to fiddle a lot with Apache/PHP config and risk to break something ? Thanks

8 comments

[ 4.2 ms ] story [ 35.9 ms ] thread
Personally I use haproxy to forward all LE related requests to certbot in standalone mode.

My email is in my profile if you want to try this and need some help.

Warning for anyone trying to add Lets Encrypt to GCP - absolute nightmare. Would not recommend.
Are you willing to share some details about the challenges you had?
Currently, there isn't any built-in support with AppEngine. The steps you have to go through to ssh in and verify ownership is just a hassle.
You can use the certbot on your local machine and setup a txt record on the DNS of the domain.

Let's Encrypt will verify ownership against that text entry.

kube-lego for kubernetes is just awesome!