How to install Let's Encrypt SSL certificates on ClearOS

 Issue reported

2018-01-18: Some issues have been reported with the Let's Encrypt app for ClearOS, which seem to be related to the recent changes about "TLS-SNI challenges disabled for most new issuance". Our team is investigating. Solved in latest update

Official documentation is now available at https://www.clearos.com/resources/documentation/clearos/content:en_us:7_ug_lets_encrypt

Let's Encrypt is an open certificate authority that provides free SSL certificates. The app intelligently integrates the certificate lifecyle and management into Webconfig to be used by other services - Webconfig, website hosting, Openfire etc.


From the Marketplace

Install from web interface (in the System section), like all the other apps.


yum install app-lets-encrypt

Create certificates

System > Security > Let's Encrypt > Add
Lets Encrypt ClearOS Add A Certificate

 The www is not automatically added

For websites, you may want to add a certificate with and without the www. Ex.:

Primary Domain: example.org
Other Domains: www.example.org

List certificates

System > Security > Let's Encrypt
Lets Encrypt ClearOS Dashboard

Assign a certificate to a website

Server > Web > Web Server > Add or Edit > Settings > Options > Digital Certificate
Lets Encrypt ClearOS Use Certificate For A Website

Replace the self-signed certificate for the ClearOS admin panel

System -> General Settings > Settings > SSL Certificate -> Edit -> Pick Let's Encrypt certificate
Lets Encrypt ClearOS Use Certificate For A Admin Panel

 If it doesn't take effect right away,

just use another browser (ex.: Firefox instead of Chrome)

Using Let's Encrypt certificates in other apps

It is quite easy to use Let's Encrypt certificates in other apps using the following document: https://www.clearos.com/resources/documentation/clearos/content:en_us:kb_howtos_using_letsencrypt_certificates_for_mail
Although primarily written for mail apps, the methodology should be easily extensible to other apps such as LDAP, the FTP server and OpenFire.