Let’s Encrypt SSL in Lighttpd Server

Let’s Encrypt SSL in Lighttpd Server

###  you must change lihgttpd directory to /var/www ,,,, do not use /var/www/html  , the people at lets encrypt added rate limits now 

debian 8 64
lighttpd
lighttpd/1.4.35 (ssl) - a light and fast webserver
Build-Date: Aug  2 2016 09:50:21


wget https://dl.eff.org/certbot-auto
chmod a+x certbot-auto

normally goes in /usr/bin/certbot-auto

certbot-auto certonly --webroot -w /var/www -d website.ovh -d www.website.ovh --register-unsafely-without-email



Combine both certificate and private key in one file

cat /etc/letsencrypt/live/website.ovh/cert.pem /etc/letsencrypt/live/website.ovh/privkey.pem > /etc/letsencrypt/live/website.ovh/web.pem

$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/letsencrypt/live/website.ovh/web.pem" # Combined Certificate
ssl.ca-file = "/etc/letsencrypt/live/website.ovh/chain.pem" # Root CA
server.name = "website.ovh" # Domain Name OR Virtual Host Name
server.document-root = "/var/www" # Document Root
}

 $HTTP["scheme"] == "http" {
    # capture vhost name with regex conditiona -> %0 in redirect pattern
    # must be the most inner block to the redirect rule
    $HTTP["host"] =~ ".*" {
        url.redirect = (".*" => "https://%0$0")
    }
}