I believe this free server can be automate to requeste a certificate directly from the server. So all of us can have a Free official avalable certificate. Wow!. I want that. For now I’m trying to do the Manual mode. I wonder if someone already worked on this. future?
Yes me too, and there are plans to try and incorporate letsencrypt functionality into the Rockstor Web-Ui. But as always there are complications. The main one, from memory, is how the domain name used accessed/translated to the Rockstor machine if that machine is not directly accessible from the internet. There are also tecnicalities with the authentication, i.e. via DNS via challenge and then how. All fairly doable as per letsencrypt docs but only if the machine in question is directly accessible via a domain name.
Take a look at our outstanding issue for this:
Where a consensus of sorts looks to have centered around the challenge response model of validation/authentication using port 80.
There may well be enough there for you to get this setup for yourself and report back on improvements omission in that thread. That should help for us to get this sorted, at least in one way, for those who are up for at least a little external pre-config, such as port forwarding. However I think in that thread there was speak of intergrating the use of uPnP, common on many consumer networks, to do a port forward, temporarily, upon request. Which all in looks like a really nice compromise.
Take a look and see what you think. Remember that some of what was put into that issue is now out of date as Lets encrypt was pre-release at that point I believe.
Hope that helps, and let us know how you get along.
In addition to @phillxnet’s recommendations, you can also go the Docker way and run Let’sencrypt as a container. While we do not have (yet) a rock-on for Let’sencrypt itself, we do offer a rock-on for NginxProxyManager, which aims at providing an all-in-one image to setup a reverse proxy (Nginx) with support for SSL encryption through Let’sencrypt. You can have a look at the project’s website for more infrormation: