بِسْمِ اللهِ الرَّحْمنِ الرَّحِيمِ-
Create A hostname record in your domain
We should create A Hostname Record in your Domain Panel, for example of mine, i add a hostname record on Cloudflare
I use Ubuntu 16.04 to install Pihole and here the steps to install Letsencrypt into the box
[email protected]:~# apt-get install letsencrypt
After install Letsencrypt into the box, you can continue the steps below
- Open up a root shell and make sure you’re in root’s home (probably /root).
- Go to the Certbot page and tell them you’re using none of the above (Pihole uses lighttpd). Select your OS. If you’re using Raspbian, choose Debian (other). (Raspbian doesn’t have jessie-backports, which are the instructions you get if you choose Debian 8)
- Go ahead and run the wget and chmod commands the website gives you.
letsencrypt certonly --webroot -w /var/www/html -d example.com --dry-runreplacing example.com with your domain. You can use -d multiple times if you have multiple domains (like www.example.com and example.com). This’ll take a while the first time as it installs all the bits and pieces it needs.
- Did everything look good? If it issued a certificate, great! If not, don’t proceed until you fix whatever went wrong. Odds are it failed to validate… you are using a real domain name, one the letsencrypt servers can resolve, right?
- Run the command again, this time without
--dry-runso you get a real certificate.
ssl.pemfile = "/etc/letsencrypt/live/example.com/combined.pem"and
ssl.ca-file = "/etc/letsencrypt/live/example.com/chain.pem". Again, replace example.com with your domain.
ln -s /etc/lighttpd/conf-available/10-ssl.conf /etc/lighttpd/conf-enabled/10-ssl.conf
cat privkey.pem cert.pem > combined.pem
systemctl restart lighttpd
- If I didn’t forget any [more] steps, it should be working. Now, let’s automate renewals since Let’s Encrypt certificates are only good for 90 days.
- Add the following to the end of /etc/crontab (it’s one long line), replacing the first number with a random number between 0 and 59, and the second number with the hour you want the renew to happen.
47 5 * * * root /root/certbot-auto renew --quiet --no-self-upgrade --renew-hook "cat $RENEWED_LINEAGE/privkey.pem $RENEWED_LINEAGE/cert.pem > $RENEWED_LINEAGE/combined.pem;systemctl reload-or-try-restart lighttpd"
Original Post from Reddit
How to Redirect HTTP to HTTPS admin page
Open files lighttpd via Command Line (console)
Tambahkan syntax berikut
Restart lighttpd Service
service lighttpd restart