This article is mostly inspired from existing sources on the interwebs [1][1] [2][2] but tries to simplify the process by making it environment independent.

Let’s Encrypt is a great, free [put here other great words] certificate authority. But as you already have heard of them, you are probably wondering on how to actually take advantage of this, especially if you are using Google App Engine (GAE).

Getting started

Generating a new certificate

The examples are from an Ubuntu Linix machine. Probably it will work on OS X, not sure about Windows. :-/

$ git clone $ cd letsencrypt $ ./letsencrypt-auto –help

Next you will be presented with a simple graphical interface where you can specify for which domains you need SSL certificates.

$ sudo ./letsencrypt-auto -a manual certonly

Lets Encrypt Wizzard

The last step before the SSL certificate is issues, is verifying that you actually own the domain.

Lets Encrypt ACME Challenge

DO NOT PRESS ENTER until you can actually check the expected response from you server.

Now here is the difference from other tutorials: most of them will make you upload a script for this. From what I have observed, a simple plain-text file will do just fine.

Create a text file and put there the expected response. I have used:


Configure a new handler in you app.yaml file:

handlers: # Modify the URL below as instructed - url: “/.well-known/acme-challenge/fVQqgmgRqBXe8CU_4NY8Sih28HVV3Gb9-Fx5p45ELIk” static_files: _letsencrypt/acme.txt upload: _letsencrypt/acme.txt

Upload a new version of your app to GAE and make sure it serves the expected URL.

Can you see it? Than you can press ENTER and start the verification. If it succeeds, the certificate will be generated.

Lets Encrypt Certificate generated successfully message

If it fails, you need to figure out what you did wrong and start the whole process again.

Using the generated certificate

Now go to the Google Cloud Platform and open your project.

On the left menu, click Settings and after you will see a tab SSL Certificates.

Click “Upload a new certificate” and a form will open.

For the first text field (public certificate), you will need to run the following command from your console and copy the output. Replace with your domain name.

$ sudo less /etc/letsencrypt/live/

Same for your private key. Replace with your domain name.

$ sudo openssl rsa -inform pem -in /etc/letsencrypt/live/ -outform pem | less

Upload the certificate.

Lets Encrypt Certificate Google Cloud Platform - GAE

Test your website.

Remember to note when it expires.

Something wrong with this tutorial? Just drop a comment below. Thanks!

[1] [2]

Joomla! 3 Getting Started With Extension Development

Most of the books or articles on Joomla! development focus on building your firstmodule or component, but do not really talk about the se...… Continue reading