[Guide] Adding a Let's Encrypt certificate to the Turris Omnia

I’ve just managed to use Let’s Encrypt on my Turris Omnia without changing any of the configuration files already installed (*). (i.e. I only added new files / settings, and didn’t have to change anything that was already there.)

This doesn’t work if you forward your port 80 to some other device on your network.

Have fun: https://brainfood.xyz/post/20190518-letsencrypt-on-turris-omnia/


(*) Except for the self-signed certificate that was generated initially, which will be replaced by the Let’s Encrypt certificate.



Thanks a lot for this thread. Can I please you to move your guide to our community documentation?
We would really appreciate this.

1 Like

Sure, here you go.


You dont have comments enabled on your blog, so I’m posting it here:

root@turris:~# ./.acme.sh/acme.sh --accountemail "$EMAIL" --update-account
[Thu May 23 09:03:44 BST 2019] Account key is not found at: /root/.acme.sh/ca/acme-v02.api.letsencrypt.org/account.key

Could you try it like this:

./.acme.sh/acme.sh --accountemail "email@your.domain" --update-account

@aker, You need to run --register-account first instead of --update-account. That’s missing from the tutorial.

In version 5.1.1 it does not work if You have Data Collection -> Minipots installed.
The minipot holds port 80 and has priority.
This should be fixed in 5.1.2