xx

Let's Encrypt

In this setup step, we will configure a certificate order from the certificate issuance provider Let's Encrypt. A certificate is mandatory for a TLS connection.

To provide this node with a certificate you can either upload a certificate manually or let anynode acquire it automatically using a certification issuance service. It is important to note that the certificate must include the valid SBC FQDN. Trusted certificates can be generated and renewed automatically within anynode's frontend, including the option to do so without incurring additional costs, especially when using trusted certificate authorities like Let's Encrypt or Zero SSL.

It is worth noting that anynode accepts any certificate format and will convert it internally into the correct one if you manually upload a certificate.

Click on Order a certificate from a certification issuance service.

You have a choice of several certification issuance providers at this point:

  • Let's Encrypt

  • ZeroSSL

  • GoDaddy

Depending on the chosen service, the registration process for the ACME account will differ in the next input screen. We will introduce all three certification issuance providers, starting with Let's Encrypt. Check the next chapters for ZeroSSLor GoDaddy.

Be aware that requesting certificates via Let's Encrypt for testing purposes cannot be repeated arbitrarily. Please refer to the Rate Limits documentation at Let's Encrypt for further information.

Certificate Source

For our example, we will order a certificate from the certification issuance provider Let’s Encrypt.

Simply click Next to proceed.

Screenshot: anynode assistant for a new node with option to order a certificate from a certification issuance provider like Let's Encrypt, ZeroSSL or GoDaddy. Screenshot: anynode assistant for a new node with option to order a certificate from a certification issuance provider like Let's Encrypt, ZeroSSL or GoDaddy.
anynode assistant for a new node with option to order a certificate from a certification issuance provider like Let's Encrypt, ZeroSSL or GoDaddy.

ACME Account

The node interconnection assistant will create an account for a certification issuance provider like Let's Encrypt. For other services like ZeroSSL or GoDaddy, an external account with an identifier and key is required. You need to enter an email address at this point.

We advise against using disposable email addresses, such as user@example.com, as they are detected and rejected by Let’s Encrypt. In such cases, the certificate retrieval cannot be completed.

Consent to the terms of service is a prerequisite for every certification issuance provider.

Click Next to proceed.

Screenshot: anynode assistant for a new node with selection or creation of the ACME account to retrieve certificates from Let's Encrypt. Screenshot: anynode assistant for a new node with selection or creation of the ACME account to retrieve certificates from Let's Encrypt.
anynode assistant for a new node with selection or creation of the ACME account to retrieve certificates from Let's Encrypt.