{"id":835,"date":"2015-12-10T17:06:17","date_gmt":"2015-12-10T10:06:17","guid":{"rendered":"http:\/\/whplus.com\/blog\/?p=835"},"modified":"2015-12-10T17:06:17","modified_gmt":"2015-12-10T10:06:17","slug":"cara-install-ssl-letsencrypt","status":"publish","type":"post","link":"https:\/\/www.whplus.com\/blog\/2015\/12\/10\/cara-install-ssl-letsencrypt.html","title":{"rendered":"Cara Install SSL LetsEncrypt"},"content":{"rendered":"

Berikut tutorial cara install SSL LetsEncrypt<\/p>\n

1. Install LetsEncrypt Client<\/strong>
\nrpm -ivh https:\/\/dl.fedoraproject.org\/pub\/epel\/epel-release-latest-6.noarch.rpm
\nrpm -ivh https:\/\/rhel6.iuscommunity.org\/ius-release.rpm
\nyum -y install git python27 python27-devel python27-pip python27-setuptools python27-virtualenv --enablerepo=ius
\ncd \/root
\ngit clone https:\/\/github.com\/letsencrypt\/letsencrypt
\ncd \/root\/letsencrypt
\nsed -i \"s|--python python2|--python python2.7|\" letsencrypt-auto
\n.\/letsencrypt-auto --verbose
\n<\/code><\/p>\n

2. Generate SSL<\/strong>
\ncd \/root\/letsencrypt
\n.\/letsencrypt-auto --text --agree-tos --email email@domain.com certonly --renew-by-default --webroot --webroot-path \/home\/user\/public_html\/ -d domain.com -d www.domain.com
\n<\/code>
\nganti user dengan user cpanel
\n<\/p>\n

Selanjutnya bisa gunakan perintah berikut:
\ncd \/root\/.local\/share\/letsencrypt\/bin\/
\n.\/letsencrypt --text certonly --renew-by-default --webroot --webroot-path \/home\/user\/public_html\/ -d domain.com -d www.domain.com
\n<\/code><\/p>\n

3. Buat script utk install ssl
\n#!\/usr\/local\/cpanel\/3rdparty\/bin\/perl<\/p>\n

use strict;
\nuse LWP::UserAgent;
\nuse LWP::Protocol::https;
\nuse MIME::Base64;
\nuse IO::Socket::SSL;
\nuse URI::Escape;<\/p>\n

my $user = \"root\";
\nmy $pass = \"rootpass\";<\/p>\n

my $auth = \"Basic \" . MIME::Base64::encode( $user . \":\" . $pass );<\/p>\n

my $ua = LWP::UserAgent->new(
\n ssl_opts => { verify_hostname => 0, SSL_verify_mode => 'SSL_VERIFY_NONE', SSL_use_cert => 0 },
\n);<\/p>\n

my $dom = $ARGV[0];<\/p>\n

my $certfile = \"\/etc\/letsencrypt\/live\/$dom\/cert.pem\";
\nmy $keyfile = \"\/etc\/letsencrypt\/live\/$dom\/privkey.pem\";
\nmy $cafile = \"\/etc\/letsencrypt\/live\/bundle.txt\";<\/p>\n

my $certdata;
\nmy $keydata;
\nmy $cadata;<\/p>\n

open(my $certfh, '< ', $certfile) or die \"cannot open file $certfile\";\n {\n local $\/;\n $certdata = <$certfh>;
\n }
\n close($certfh);<\/p>\n

open(my $keyfh, '< ', $keyfile) or die \"cannot open file $keyfile\";\n {\n local $\/;\n $keydata = <$keyfh>;
\n }
\n close($keyfh);<\/p>\n

open(my $cafh, '< ', $cafile) or die \"cannot open file $cafile\";\n {\n local $\/;\n $cadata = <$cafh>;
\n }
\n close($cafh);<\/p>\n

my $cert = uri_escape($certdata);
\nmy $key = uri_escape($keydata);
\nmy $ca = uri_escape($cadata);<\/p>\n

my $request = HTTP::Request->new( POST => \"https:\/\/127.0.0.1:2087\/json-api\/installssl?api.version=1&domain=$dom&crt=$cert&key=$key&cab=$ca\" );
\n$request->header( Authorization => $auth );
\nmy $response = $ua->request($request);
\nprint $response->content;
\n<\/code>
\nsimpan dengan nama file installssl.pl
\ncara penggunaannya:<\/p>\n

chmod +x installssl.pl
\n.\/installssl.pl domain.com
\n<\/code><\/p>\n

Buat CA Bundle
\nnano \/etc\/letsencrypt\/live\/bundle.txt<\/code><\/p>\n

Isi CA Bundle
\n-----BEGIN CERTIFICATE-----
\nMIIEqDCCA5CgAwIBAgIRAJgT9HUT5XULQ+dDHpceRL0wDQYJKoZIhvcNAQELBQAw
\nPzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
\nEw5EU1QgUm9vdCBDQSBYMzAeFw0xNTEwMTkyMjMzMzZaFw0yMDEwMTkyMjMzMzZa
\nMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
\nExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTCCASIwDQYJKoZIhvcNAQEBBQAD
\nggEPADCCAQoCggEBAJzTDPBa5S5Ht3JdN4OzaGMw6tc1Jhkl4b2+NfFwki+3uEtB
\nBaupnjUIWOyxKsRohwuj43Xk5vOnYnG6eYFgH9eRmp\/z0HhncchpDpWRz\/7mmelg
\nPEjMfspNdxIknUcbWuu57B43ABycrHunBerOSuu9QeU2mLnL\/W08lmjfIypCkAyG
\ndGfIf6WauFJhFBM\/ZemCh8vb+g5W9oaJ84U\/l4avsNwa72sNlRZ9xCugZbKZBDZ1
\ngGusSvMbkEl4L6KWTyogJSkExnTA0DHNjzE4lRa6qDO4Q\/GxH8Mwf6J5MRM9LTb4
\n4\/zyM2q5OTHFr8SNDR1kFjOq+oQpttQLwNh9w5MCAwEAAaOCAZIwggGOMBIGA1Ud
\nEwEB\/wQIMAYBAf8CAQAwDgYDVR0PAQH\/BAQDAgGGMH8GCCsGAQUFBwEBBHMwcTAy
\nBggrBgEFBQcwAYYmaHR0cDovL2lzcmcudHJ1c3RpZC5vY3NwLmlkZW50cnVzdC5j
\nb20wOwYIKwYBBQUHMAKGL2h0dHA6Ly9hcHBzLmlkZW50cnVzdC5jb20vcm9vdHMv
\nZHN0cm9vdGNheDMucDdjMB8GA1UdIwQYMBaAFMSnsaR7LHH62+FLkHX\/xBVghYkQ
\nMFQGA1UdIARNMEswCAYGZ4EMAQIBMD8GCysGAQQBgt8TAQEBMDAwLgYIKwYBBQUH
\nAgEWImh0dHA6Ly9jcHMucm9vdC14MS5sZXRzZW5jcnlwdC5vcmcwPAYDVR0fBDUw
\nMzAxoC+gLYYraHR0cDovL2NybC5pZGVudHJ1c3QuY29tL0RTVFJPT1RDQVgzQ1JM
\nLmNybDATBgNVHR4EDDAKoQgwBoIELm1pbDAdBgNVHQ4EFgQUqEpqYwR93brm0Tm3
\npkVl7\/Oo7KEwDQYJKoZIhvcNAQELBQADggEBANHIIkus7+MJiZZQsY14cCoBG1hd
\nv0J20\/FyWo5ppnfjL78S2k4s2GLRJ7iD9ZDKErndvbNFGcsW+9kKK\/TnY21hp4Dd
\nITv8S9ZYQ7oaoqs7HwhEMY9sibED4aXw09xrJZTC9zK1uIfW6t5dHQjuOWv+HHoW
\nZnupyxpsEUlEaFb+\/SCI4KCSBdAsYxAcsHYI5xxEI4LutHp6s3OT2FuO90WfdsIk
\n6q78OMSdn875bNjdBYAqxUp2\/LEIHfDBkLoQz0hFJmwAbYahqKaLn73PAAm1X2kj
\nf1w8DdnkabOLGeOVcj9LQ+s67vBykx4anTjURkbqZslUEUsn2k5xeua2zUk=
\n-----END CERTIFICATE-----
\n<\/code><\/p>\n

Source: https:\/\/forums.cpanel.net\/threads\/how-to-installing-ssl-from-lets-encrypt.513621\/<\/p>\n","protected":false},"excerpt":{"rendered":"

Berikut tutorial cara install SSL LetsEncrypt 1. Install LetsEncrypt Client rpm -ivh https:\/\/dl.fedoraproject.org\/pub\/epel\/epel-release-latest-6.noarch.rpm rpm -ivh https:\/\/rhel6.iuscommunity.org\/ius-release.rpm yum -y install git python27 python27-devel python27-pip python27-setuptools python27-virtualenv –enablerepo=ius cd \/root git clone https:\/\/github.com\/letsencrypt\/letsencrypt cd \/root\/letsencrypt sed -i “s|–python python2|–python python2.7|” letsencrypt-auto .\/letsencrypt-auto –verbose 2. Generate SSL cd \/root\/letsencrypt .\/letsencrypt-auto –text –agree-tos –email email@domain.com certonly –renew-by-default –webroot –webroot-path\u2026 Read More »<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-835","post","type-post","status-publish","format-standard","hentry","category-tutorial"],"aioseo_notices":[],"aioseo_head":"\n\t\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t