UCRM - Using Let's Encrypt Certificate

Overview


This article guides the reader on how to use Let's Encrypt. You will learn how to install Let's Encrypt, how to use the certificate files and how to renew them. Certbot will be used for the purposes of this help document, as it is the easiest way to install and renew the certificates.

Table of Contents


  1. How to Install Let's Encrypt and Set Up HTTPS
  2. How to Renew the Certificates
  3. Related Articles

How to Install Let's Encrypt and Set Up HTTPS


Back to Top

Follow these steps to install Let's Encrypt and set up HTTPS:

1. Make sure you have your Server domain name filled in UCRM by going to System > Settings > Application. For example "my-ucrm.com"

2. Get certbot using the instructions found on their website. This article uses Ubuntu 16.04, it might be slightly different for other distributions. For the purposes of this article begin with the command:

sudo apt-get install letsencrypt

3. Run the following command to generate the certificate. Note the "certonly" option is the one desired. Make sure the path to the webroot is correct. In default installation, UCRM is located at /home/ucrm, therefore the path would be /home/ucrm/data/ucrm/ucrm/data/webroot.

letsencrypt certonly --webroot -w /home/ucrm/data/ucrm/ucrm/data/webroot -d my-ucrm.com -d www.my-ucrm.com

4. Fill in your email (if asked for it). The path showing the location of the certificates will appear in the Success Message. Now all that's left to do is to copy them to UCRM and restart the docker containers using these commands:

cp /etc/letsencrypt/live/my-ucrm.com/fullchain.pem /home/ucrm/data/ucrm/ssl/ucrm.crt
cp /etc/letsencrypt/live/my-ucrm.com/privkey.pem /home/ucrm/data/ucrm/ssl/ucrm.key
cd /home/ucrm && sudo docker-compose restart 

How to Renew the Certificates


Back to Top

To renew the certificates, you need to run "letsencrypt renew" and once again, copy the certificate files to UCRM and restart the docker containers.

letsencrypt renew

cp /etc/letsencrypt/live/my-ucrm.com/fullchain.pem /home/ucrm/data/ucrm/ssl/ucrm.crt
cp /etc/letsencrypt/live/my-ucrm.com/privkey.pem /home/ucrm/data/ucrm/ssl/ucrm.key
cd /home/ucrm && sudo docker-compose restart

Related Articles


Back to Top

UCRM - Setting up SSL Certificate

Powered by Zendesk