{"id":805,"date":"2017-07-31T07:47:16","date_gmt":"2017-07-31T05:47:16","guid":{"rendered":"https:\/\/www.em-soft.si\/myblog\/elvis\/?p=805"},"modified":"2017-07-31T07:47:16","modified_gmt":"2017-07-31T05:47:16","slug":"windows-server-essentials-with-lets-encrypt-certificate","status":"publish","type":"post","link":"https:\/\/em-soft.si\/myblog\/elvis\/?p=805","title":{"rendered":"Windows Server Essentials with Let&#8217;s Encrypt certificate"},"content":{"rendered":"<p>Many administrators in small environments (where we have Essentials server) have to buy a trusted certificates to make RWW working. The common problem of all those environments is, that there is no money for buying certificates or owners don\u2019t understand why they need to buy certificates. This is why I am writing a post how to certify RWW with Let\u2019s encrypt certificates.<br \/>\nIt is a bit different to do it because Let\u2019s encrypt certificates have validation period only three months and maybe it seems, you will have a lot of work \u2013 but don\u2019t be afraid; we have two ways to simplify this procedure and my preferred procedure is with a product called Certify.<\/p>\n<ul>\n<li>First download Certify from this link (<a href=\"https:\/\/certify.webprofusion.com\/\">https:\/\/certify.webprofusion.com\/<\/a>).<\/li>\n<li>Install Certify with default options as you can see on screen shots. There is no need to change any settings; the application is simple and can be always installed with default options.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/em-soft.si\/myblog\/elvis\/?attachment_id=813\" rel=\"attachment wp-att-813\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-medium wp-image-813\" src=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt1-300x234.png\" alt=\"\" width=\"300\" height=\"234\" srcset=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt1-300x234.png 300w, https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt1.png 515w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p><a href=\"https:\/\/em-soft.si\/myblog\/elvis\/?attachment_id=814\" rel=\"attachment wp-att-814\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-medium wp-image-814\" src=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt2-300x232.png\" alt=\"\" width=\"300\" height=\"232\" srcset=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt2-300x232.png 300w, https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt2.png 514w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p><a href=\"https:\/\/em-soft.si\/myblog\/elvis\/?attachment_id=815\" rel=\"attachment wp-att-815\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-medium wp-image-815\" src=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt3-300x234.png\" alt=\"\" width=\"300\" height=\"234\" srcset=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt3-300x234.png 300w, https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt3.png 514w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<ul>\n<li>Now you have to modify Essentials server configuration. Certify can issue the certificate banded to name of default web site in IIS. This means that we have to modify default site bindings (look at picture) in a way that we have public RWW name bind to default web site and port 80 \u2013 443 SSL is not needed.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/em-soft.si\/myblog\/elvis\/?attachment_id=808\" rel=\"attachment wp-att-808\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-large wp-image-808\" src=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt6-1024x612.png\" alt=\"\" width=\"640\" height=\"383\" srcset=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt6-1024x612.png 1024w, https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt6-300x179.png 300w, https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt6-768x459.png 768w, https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt6.png 1056w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/p>\n<ul>\n<li>For the first time, when you enter Certify, you will need to add your contact details. It is just to care about your certificates.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/em-soft.si\/myblog\/elvis\/?attachment_id=806\" rel=\"attachment wp-att-806\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-806 size-medium\" src=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt4-300x117.png\" alt=\"\" width=\"300\" height=\"117\" srcset=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt4-300x117.png 300w, https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt4.png 440w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><a href=\"https:\/\/em-soft.si\/myblog\/elvis\/?attachment_id=807\" rel=\"attachment wp-att-807\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-807 size-medium\" src=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt5-300x173.png\" alt=\"\" width=\"300\" height=\"173\" srcset=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt5-300x173.png 300w, https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt5.png 518w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<ul>\n<li>Open Certify and start registering the new certificate.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/em-soft.si\/myblog\/elvis\/?attachment_id=817\" rel=\"attachment wp-att-817\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-817\" src=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt11.png\" alt=\"\" width=\"500\" height=\"340\" srcset=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt11.png 827w, https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt11-300x204.png 300w, https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt11-768x522.png 768w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/a><\/p>\n<ul>\n<li>From the form select default web site and clear checkbox from local server name.<\/li>\n<li>CLick Save.<\/li>\n<li>Click Request certificate. At this point you will receive the certificate \u2013 be careful on firewall rules; you need to open port 80 and 443.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/em-soft.si\/myblog\/elvis\/?attachment_id=819\" rel=\"attachment wp-att-819\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-819 size-medium\" src=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt12-300x130.png\" alt=\"\" width=\"300\" height=\"130\" srcset=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt12-300x130.png 300w, https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt12.png 555w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><a href=\"https:\/\/em-soft.si\/myblog\/elvis\/?attachment_id=820\" rel=\"attachment wp-att-820\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-820 size-medium\" src=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt13-300x120.png\" alt=\"\" width=\"300\" height=\"120\" srcset=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt13-300x120.png 300w, https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt13.png 551w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<ul>\n<li>We have now to do the last step: go to Configure Auto Renew and type Username and Password for user who is able to request the certificate.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/em-soft.si\/myblog\/elvis\/?attachment_id=818\" rel=\"attachment wp-att-818\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-818 size-medium\" src=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt14-300x162.png\" alt=\"\" width=\"300\" height=\"162\" srcset=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt14-300x162.png 300w, https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2017\/07\/LetsEncrypt14.png 421w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>That\u2019s all you need. Now you have configured RWW with free trusted certificate, the certificate will be renewed automatically when will expire and you don\u2019t need to manually renew it anymore.<br \/>\nThe same process can be done on any IIS website or for any certificate that could be requested thru IIS.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Many administrators in small environments (where we have Essentials server) have to buy a trusted certificates to make RWW working. The common problem of all those environments is, that there is no money for buying certificates or owners don\u2019t understand why they need to buy certificates. This is why I am writing a post how [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,15],"tags":[17,40],"class_list":["post-805","post","type-post","status-publish","format-standard","hentry","category-essentials-server","category-windows-server","tag-essentials-server-2","tag-windows-server"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=\/wp\/v2\/posts\/805","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=805"}],"version-history":[{"count":1,"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=\/wp\/v2\/posts\/805\/revisions"}],"predecessor-version":[{"id":821,"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=\/wp\/v2\/posts\/805\/revisions\/821"}],"wp:attachment":[{"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=805"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=805"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=805"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}