aAPT
dDebian
fFFmpeg
jJava
mMercurial: Usage
oOCaml
pPostgreSQL

Home Protocols

Dehydrated

Minimal setup with Apache HTTP or Nginx to serve ACME challenge

1. Create the output directory:

# mkdir /etc/dehydrated/ssl
# chmod 750 /etc/dehydrated/ssl

2. Create the configuration file for domain names:

# echo $DOMAIN > /etc/dehydrated/domains.txt
# chmod 600 /etc/dehydrated/domains.txt

3. Edit the main configuration file /etc/dehydrated/config:

CONFIG_D=/etc/dehydrated/conf.d
BASEDIR=/etc/dehydrated/ssl
WELLKNOWN=/var/www/html
DOMAINS_TXT=/etc/dehydrated/domains.txt

4. Configure HTTP server:

4.1. Apache HTTP

Add this section to Apache HTTP default host config /etc/apache2/sites-available/000-default.conf below DocumentRoot directive

conf 
        Alias /.well-known/acme-challenge /var/www/html

        <Directory /var/www/html>
                Options None
                AllowOverride None
                Require all granted
        </Directory>

or set the WELLKNOWN variable to /var/www/html/.well-known/acme-challenge value.

4.2. Nginx

acme.conf 
server {
  listen 80;
  listen [::]:80;
  server_name _;

  location /.well-known/acme-challenge {
    alias /var/www/html;
  }
}

5. Start the HTTP server.

6. Register ACME account and accept terms:

# dehydrated --register --accept-terms

7. Retrieve the certificates:

# dehydrated -c

8. Stop the HTTP server.