# Any pkg for letsencrypt ?



## bgroper (Jan 29, 2022)

I'm using 13.0-RELEASE
I seen this LetsEncrypt page in the wiki
Followed suggestion to install pkg

```
# pkg install letsencrypt
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
pkg: No packages available to install matching 'letsencrypt' have been found in the repositories
#
```
Please, is there some updated instructions to use letsencrypt ?
TIA's for any tips or clues.


----------



## drr (Jan 29, 2022)

Can sysutils/getssl help? FreshPorts shows that it is available for most FreeBSD versions.


----------



## facedebouc (Jan 29, 2022)

The LetsEncrypt client is in the port security/py-certbot


----------



## covacat (Jan 29, 2022)

*/usr/ports/security/acme.sh/*


----------



## diizzy (Jan 29, 2022)

FreshPorts -- security/lego: Let's Encrypt client and ACME library written in Go
					

lego is a client for Let's Encrypt users, written in Go. It has support for a number of ACME challenges, and no external dependencies.




					www.freshports.org
				



There's a lot of examples available (Google it)


----------



## hardworkingnewbie (Jan 29, 2022)

pkg search acme


----------



## zirias@ (Jan 29, 2022)

As you cen see: tons. I personally like security/uacme (with some own shell scripts).


----------



## drhowarddrfine (Jan 29, 2022)

Just use certbot and be done with it.


----------



## grahamperrin@ (Jan 29, 2022)

diizzy said:


> (Google it)



Incidentally, thanks bgroper for exposing an edge case: 

Support apostrophe ' in searches · Issue #358 · FreshPorts/freshports


----------



## bgroper (Jan 30, 2022)

LetsEncrypt currently claim to have over 275 million certificates issued to active domains.  And growing.
It would not be surprising for many of those certs to be installed on FBSD servers.
When I searched (before starting this thread), google merely returned a plethora of pages which are either obsolete, misleading, or worse.
What is revealed is a gap in the FBSD documentation waiting to be filled. 
Perhaps, when time permits.  Unless someone else gets there first.


----------



## zirias@ (Jan 30, 2022)

bgroper said:


> What is revealed is a gap in the FBSD documentation waiting to be filled.


This would boil down to FreeBSD docs having to cover every little port (and of course, keep up with them). This simply can't be done. The handbook covers some important and widely used ports already. But for small tools (like e.g. all those implementing ACME that can be used with letsencrypt), you will find docs "upstream". All these ports include an URL to their upstream project page in the pkg-descr.


----------



## drhowarddrfine (Jan 30, 2022)

bgroper said:


> When I searched (before starting this thread), google merely returned a plethora of pages which are either obsolete, misleading, or worse.
> What is revealed is a gap in the FBSD documentation waiting to be filled.



My company used letsencrypt on all our servers since the beginning of letsencrypt. The problem was that, when you had to update your cert every three months, you'd find something changed with letsencrypt software and the methodology would no longer work. It had nothing to do with FreeBSD and everything to do with letsencrypt. 

Thus, the reason you are seeing "a plethora of pages" trying to fix all the things that went wrong. The best solution I ever found and used was the aforementioned certbot which I still use to this day.


----------



## grahamperrin@ (Jan 30, 2022)

bgroper said:


> … a plethora of pages which are either obsolete, misleading, or worse.
> 
> … a gap in the FBSD documentation waiting to be filled.
> 
> Perhaps, when time permits. Unless someone else gets there first.



Thanks.

<https://wiki.freebsd.org/FrontPage?...text=180&value=LetsEncrypt&titlesearch=Titles> four matches, the most recent of which has a December 2019 time stamp. I haven't browsed content.


No mention in FreeBSD documentation, as far as I can tell.



Spoiler: grepping my local copy of the main branch.





```
root@mowa219-gjp4-8570p-freebsd:~ # gh repo sync grahamperrin/freebsd-doc && cd /usr/doc && gh repo sync && git -C /usr/ports pull --ff-only && git -C /usr/src pull --ff-only && cd
✓ Synced the "grahamperrin:main" branch from "freebsd:main"
✓ Synced the "main" branch from grahamperrin/freebsd-doc to local repository
Already up to date.
Already up to date.
root@mowa219-gjp4-8570p-freebsd:~ # logout
% grep -r -i -e LetsEncrypt -e Lets\ Encrypt -e Let\'sEncrypt -e Let\'s\ Encrypt /usr/doc/documentation/
%
```


----------



## Alexander Mishin (Jan 30, 2022)

security/dehydrated


----------



## bgroper (Jan 30, 2022)

drhowarddrfine said:


> My company used letsencrypt on all our servers since the beginning of letsencrypt. The problem was that, when you had to update your cert every three months, you'd find something changed with letsencrypt software and the methodology would no longer work. It had nothing to do with FreeBSD and everything to do with letsencrypt.
> 
> Thus, the reason you are seeing "a plethora of pages" trying to fix all the things that went wrong. The best solution I ever found and used was the aforementioned certbot which I still use to this day.



+1 

I too have been using LetsEncrypt (in another 'nix environment) since the early days.  Certbot has rarely missed a beat in many years.
Thanks too for all the other replies above.  Much appreciated.


----------

