Are you doing your web hosting with Server.app? You’re probably not the biggest fan of it, but it works, so… let’s keep on keeping on. Do you want to have a free SSL certificate from Let’s Encrypt? Well, I found some really bad guides, so this is much better.
*Hat tip to MacAdmins slack for a few key points
Open up your Terminal.app (Go to the Go menu, choose Utilities, double-click on Terminal). This isn’t even a step, you should know this.
Step One – Install Homebrew
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
At this point, you will be prompted to press RETURN to continue. Press the return key.
It will then start downloading and installing Homebrew.
Install XCode Select
Turns out you need XCode Select installed, too. So I ran this code.
That popped up a dialogue box, I said Install.
This install took a few minutes, and then once it was done, I was ready to install certbot.
brew install certbot
That easy? Aye!
Get a Certificate!
We’re almost there. Now to get a certificate from Let’s Encrypt.
sudo certbot certonly
It will prompt you to know what type of server you have. Choose 3: Place files in webroot directory.
It will prompt you to provide the fully qualified domain name (FQDN) for the server. Such as neverhadtofight.com
It will then create some files in a subdirectory called .well-known to confirm you have ownership of this website. Once that’s done it will save the .pem files for you.
Transfer the .pem files to desktop
Using the cp command enter these to copy your files.
Replace <<FQDN>> with your FQDN. Replace <<USER>> with your username.
sudo cp /etc/letsencrypt/live/<<FQDN>>/privkey.pem /Users/<<USER>>/Desktop/privkey.pem
sudo cp /etc/letsencrypt/live/<<FQDN>>/fullchain.pem /Users/<<USER>>/Desktop/fullchain.pem
Hooray, now these files are on your desktop.
Go to Certificates.
Click on the +
Choose Import Certificate Identity…
Drag and drop the two .pem files and BAM