Note

You are viewing the documentation for an older release of Interworx (6.x). To see documentation for the current generally available release of Interworx, click here: 7.13.

How To Generate SSL Certificates Using Let’s Encrypt in InterWorx

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG). Let’s Encrypt integrates with InterWorx via a plugin, which allows users to generate free, secure, SSL certificates.

Requirements:

In order to generate a Let’s Encrypt SSL certificate, the following criteria must be met:

  • Let’s Encrypt plugin must be enabled in NodeWorx

  • Domain must be active and resolve to an IP on the server

Set Up:

To enable the Let’s Encrypt plugin in NodeWorx, follow these steps:

  1. In NodeWorx, under NodeWorx > Plugins, click the “Edit” button next to the Let’s Encrypt option

  2. Select “Enabled” from the drop down menu

  3. Click “Save”

lets encrypt 1 lets encrypt 2

Generate:

Here is how to generate an SSL certificate in SiteWorx using Let’s Encrypt:

  1. In SiteWorx, navigate to Hosting Features > Domains > SSL

  2. Click the “Generate All With Let’s Encrypt”button

  3. Choose domains the SSL certificate will apply to

  4. Click the “Generate” button

lets encrypt 3

Troubleshooting:

Logging information for Let’s Encrypt can be found in the following locations:

  • /var/log/letsencrypt/letsencrypt.logletsencrypt.log

    • only records the most recent attempt at generating a certificate. While the log does rotate for each attempt, the individual logs only hold information on one attempt, each

  • /var/log/letsencrypt/letsencrypt-renew.log

    • Let’s Encrypt certificates renew automatically within 30 days of expiration. This is handled by the weekly cron

Common errors:

Error:

lets encrypt 4

Let’s Encrypt only allows a certain amount of certificate generation attempts per server, per week. This includes when generating a certificate fails. Currently it is 20/week. Once that cap is hit, it does not allow any more attempts until that counter resets. For further information: https://letsencrypt.org/docs/rate-limits/

Error:

lets encrypt 5

Let’s Encrypt certificates can only be generated for sites that resolve to IPs on the server. If the site is live, make sure that DNS is propagated