If you have a public-facing web server you manage and want to enable SSL on it (you should want to), you can generate a self-signed certificate… or you can use Let’s Encrypt as a certificate authority and generate a proper certificate.
There are Certbot downloads for various Linux and Unix platforms (including macOS).
If you’re using Apache on macOS, you may have to install Homebrew first.
Then you pretty much run
The first time I ran it, I got this weird error:
AH00526: Syntax error on line 9 of /etc/letsencrypt/options-ssl-apache.conf: Setting Compression mode unsupported; not implemented by the SSL library
The certificate lasts only 90 days, but you’re expected to automate the renewal process every 60 days anyway.
After you’ve Certbot-created your certificate and verified it works, do a dry run to make sure you’re able to automate a renewal:
If that’s good, you can run a cron job or launch daemon for
One response to “Enable SSL on your web server using Let’s Encrypt and Certbot”
[…] had more of a focus on Mac OS X Server and not plain old Mac OS X client. A few other helpful links here, here and here. And this thread on the Let’s Encrypt site helped me figure out what […]