Ask HN: Easiest and least painful way of adding Lets Encrypt?
I have a Debian box (LAMP) with some legacy PHP sites where I want to put Lets Encrypt SSL. What is the most painful way of doing that without disturbing any site that's currently running on it ? Is there any tool or script which does most of the job so that I don't have to fiddle a lot with Apache/PHP config and risk to break something ? Thanks https://caddyserver.com/ - Caddy works pretty nicely, and you should be able to use it as a reverse proxy in front of apache. Use this to get exact instructions for your setup: Personally I use haproxy to forward all LE related requests to certbot in standalone mode. My email is in my profile if you want to try this and need some help. You can use the certbot on your local machine and setup a txt record on the DNS of the domain. Let's Encrypt will verify ownership against that text entry. Warning for anyone trying to add Lets Encrypt to GCP - absolute nightmare. Would not recommend. Are you willing to share some details about the challenges you had? Currently, there isn't any built-in support with AppEngine. The steps you have to go through to ssh in and verify ownership is just a hassle. kube-lego for kubernetes is just awesome!