GenSynth Documentation

Example: Using Let's Encrypt

These instructions for using Let's Encrypt are intended to help you get startedusing certificates with HTTPS. Please refer to the documentation at letsencrypt.org for more information. You can use other methods to obtain a certificate, this is just an example.

For this method the host must be on the public internet and the host name must be resolvable by the servers at Let's Encrypt, which will attempt to contact your machine using port 80 to prove that you own it. You will also require sudo privileges on the host in order to listen on port 80.

  1. Install certbot. If you have not done so, you will need to install certbot tool on the host (not within the containers).

    $ sudo apt-get update 
    $ sudo apt-get install --yes certbot 
  2. Run certbot. Invoke the authentication process:

    $ sudo certbot certonly --standalone 
  3. Answer the questions. When asked for the domain name(s), use the host name that resolves to the present host. We use gensynth.domain.example.com in the examples.

You should see something like this, which tells you where the fullchain.pem certificate and privkey.pem key files are located:

Performing the following challenges:
http-01 challenge for gensynth.domain.example.com
Waiting for verification...
Cleaning up challenges

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/gensynth.domain.example.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/gensynth.domain.example.com/privkey.pem
   Your certificate will expire on 2021-04-27. To obtain a new or
   tweaked version of this certificate in the future, simply run
   certbot again. To non-interactively renew *all* of your
   certificates, run "certbot renew"

Use the full paths of the pem files in your GenSynth configuration settings.