Difference between revisions of "Let's Encrypt ESXi VPS"

From Comprofix
Jump to: navigation, search
Line 1: Line 1:
= Automatically update Certificates =
 
 
 
= Manually Update Certificates =  
 
= Manually Update Certificates =  
 
== Generating the Certificate ==
 
== Generating the Certificate ==
Line 53: Line 51:
  
 
Congratulations you should now have a Secured SSL Certificate on your ESXi VPS
 
Congratulations you should now have a Secured SSL Certificate on your ESXi VPS
 +
 +
= Automatically update Certificates =
 +
 +
<span style="color:red"> '''This is a work in progress. Currently this is just notes. Use at your own risk''' </span>

Revision as of 16:15, 21 May 2018

Manually Update Certificates

Generating the Certificate

Generate-openssl.png

  • Open a Command Prompt
  • Change to your OpenSSL Folder
cd \OpenSSL\bin
  • Copy and paste your generated command from above

Generate-csr.png

  • Open Your Key File in Notepad
  • Visit https://zerossl.com/free-ssl/#crt
  • Copy and paste the contents of your Key file you have open in Notepad into the CSR section
  • Accept ZeroSSL TOS and Accept Let’s Encrypt SA and click Next

Zerossl-csr-rsa.png

  • This will generate a RSA for LetsEncrypt
  • Download a copy of your Generated RSA Key. We don’t need this at this time, but we need to download it to continue.
  • Select DNS verification and Click Next
  • Update your DNS TXT records with the information provided.
  • Once DNS has been updated Click Next
  • The certificate will be generated. Download the certificate – domain-crt.txt

Upload your Certificate to ESXi

  • Now you should have two files required for ESXi. esxi_comprofix_com.key file (name depends on what you used in the CSR command) and a domain-crt.txt which is the certificate.
  • Rename your key file to rui.key
  • Rename domain-crt.txt to rui.crt
  • Connect to your ESXi Machine and shutdown any running VMs
  • Put the ESXi Machine into “Maintenance Mode”
  • Enable SSH on your ESXi VPS
  • Download and Install WinSCP – https://winscp.net/eng/download.php
  • Open WinSCP and connect to your ESXi Machine
  • Navigate to the Folder /etc/vmware/ssl
  • Rename the file /etc/vmware/ssl/rui.key to /etc/vmware/ssl/rui.key.bak
  • Rename the file /etc/vmware/ssl/rui.crt to /etc/vmware/ssl/rui.key.crt
  • Upload your rui.key and rui.crt file to /etc/vmware/ssl
  • Download the Putty SSH Client – http://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
  • Connect to your ESXi machine using Putty
  • Run the command – services.sh restart

Putty-esxi.png

  • This will restart the ESXi Services
  • Take you ESXi Machine out of “Maintenance Mode”
  • Open a Web Browser and visit your ESXi VPS Domain Name that you created.

Esxi-certificate-info.png

Congratulations you should now have a Secured SSL Certificate on your ESXi VPS

Automatically update Certificates

This is a work in progress. Currently this is just notes. Use at your own risk