{"id":704,"date":"2016-05-19T14:05:36","date_gmt":"2016-05-19T13:05:36","guid":{"rendered":"https:\/\/hoover.gplrank.de\/?p=704"},"modified":"2016-05-19T14:10:22","modified_gmt":"2016-05-19T13:10:22","slug":"running-compilingletsencrypt-certbot-on-centos-5-systems","status":"publish","type":"post","link":"https:\/\/hoover.gplrank.de\/?p=704","title":{"rendered":"Setting up &#038; running letsencrypt a.k.a. certbot on CentOS \/ RHEL 5 systems"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone\" src=\"https:\/\/letsencrypt.org\/images\/letsencrypt-logo-horizontal.svg\" width=\"339\" height=\"81\" \/>\u00a0<img loading=\"lazy\" decoding=\"async\" class=\"alignnone\" src=\"https:\/\/www.centos.org\/images\/logo_small.png\" width=\"200\" height=\"50\" \/><\/p>\n<pre>Getting letsencrypt to run on an ancient CentOS  or Red Hat Enterprise Linux 5 system (they still tend to appear in the wild from time to time) can be a major headache. I took some notes during the setup, I hope you find the useful (you'll need some basic Unix admin skills in order to follow this recipe, so caution is advised as you go through the procedure).\u00a0\r\n\r\nSources:\u00a0\r\n\r\n<a href=\"http:\/\/stackoverflow.com\/questions\/23548188\/how-do-i-compile-python-3-4-with-custom-openssl\">http:\/\/stackoverflow.com\/questions\/23548188\/how-do-i-compile-python-3-4-with-custom-openssl<\/a>\r\n\r\n\r\n\r\nImportant: You'll need to use Python 2.7.8, anything beyond that version will\r\ndie with an invalid certificate error during the certbot setup phase. \r\n\r\n\r\n\r\n# compile openssl from source:\r\n\r\nmkdir -p \/server\/src &amp;&amp; cd \/server\/src\r\n\r\nwget https:\/\/www.openssl.org\/source\/openssl-1.0.1t.tar.gz\r\n\r\n\r\ntar xvzf\u00a0openssl-1.0.1t.tar.gz &amp;&amp; cd openssl-1.0.1t\r\n\r\n.\/config --prefix=\/server\/openssl-1.0.1t shared --openssldir=\/server\/openssl-1.0.1t\/openssl\r\n\r\n\r\nmake depend &amp;&amp; make &amp;&amp; make install\r\n\r\n# create a softlink for convenience\u00a0\r\n\r\nln -s \/server\/openssl-1.0.1t \/server\/openssl\r\n\r\n# Get Python 2.7.8\r\n\r\ncd \/server\/src &amp;&amp; wget https:\/\/www.python.org\/ftp\/python\/2.7.11\/Python-2.7.8.tgz\r\n\r\n\r\ntar xvzf Python-2.7.8.tar.gz\r\n\r\ncd python-2.7.8\r\n\r\n# set up compile environment\r\n\r\nexport LDFLAGS=-\"Wl,-rpath=\/server\/openssl\/lib -L\/server\/openssl\/lib -L\/server\/openssl\/lib64\/\"\r\n\r\nexport\u00a0LD_LIBRARY_PATH=\"\/server\/openssl\/lib\/:\/server\/openssl\/lib64\"\r\n\r\nexport CPPFLAGS=\"-I\/server\/openssl\/include -I\/server\/openssl\/include\/openssl\"\r\n\r\n.\/configure --prefix=\/server\/python-2.7.8\r\n\r\nmake &amp;&amp; make install\r\n\r\n# create softlink, adjust PATH\r\n\r\nln -s \/server\/python-2.7.8 \/server\/python; export PATH=\/server\/python\/bin:$PATH\r\n\r\n# install pip in new python version\r\n\r\nwget --no-check-certificate https:\/\/bootstrap.pypa.io\/get-pip.py\r\n\r\npython2.7 get-pip.py\r\n\r\n# install virtualenv, wheel\r\n\r\npip install virtualenv wheel\r\n\r\n# git-clone certbot (latest version)\r\n\r\n cd \/server\/src\/ ; git clone https:\/\/github.com\/certbot\/certbot\r\n\r\n# Request a certificate manually (certonly)\r\n\r\ncd certbot; .\/letsencrypt-auto certonly --manual -d my.server.tld\u00a0\r\n\r\n# configuring your webserver of choice is left as an exercise for the reader.<\/pre>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u00a0 Getting letsencrypt to run on an ancient CentOS or Red Hat Enterprise Linux 5 system (they still tend to appear in the wild from time to time) can be a major headache. I took some notes during the setup, I hope you find the useful (you&#8217;ll need some basic Unix admin skills in order [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[],"class_list":["post-704","post","type-post","status-publish","format-standard","hentry","category-it"],"_links":{"self":[{"href":"https:\/\/hoover.gplrank.de\/index.php?rest_route=\/wp\/v2\/posts\/704","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hoover.gplrank.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hoover.gplrank.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hoover.gplrank.de\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hoover.gplrank.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=704"}],"version-history":[{"count":4,"href":"https:\/\/hoover.gplrank.de\/index.php?rest_route=\/wp\/v2\/posts\/704\/revisions"}],"predecessor-version":[{"id":708,"href":"https:\/\/hoover.gplrank.de\/index.php?rest_route=\/wp\/v2\/posts\/704\/revisions\/708"}],"wp:attachment":[{"href":"https:\/\/hoover.gplrank.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=704"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hoover.gplrank.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=704"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hoover.gplrank.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=704"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}