Our Let’s Encrypt plugin allows you to issue and manage Let’s Encrypt certificates directly from the Snapt UI.
Step 1: Install the plugin
Navigate to Setup > Modules & Plugins > Add Plugins > Misc > Lets Encrypt and click the install button.
Step 2: Accept the Terms and Conditions
Once installed navigate to Setup > Let’s Encrypt > Config. Here you will need to accept the terms and conditions, fill in your email address, 2 letter country code and state, then click “Save”. This only needs to be filled in once.
Step 3: Adding your domain
Navigate to Setup > Let’s Encrypt > Certificates and Click on the “Add Domain” tab.
Fill in the fully qualified domain name(FQDN) for the certificate you want to create and the type of verification.
- Provisioning a DNS record under,
- Provisioning an HTTP resource under a well-known URI on
The verification will need you to add either a TXT record to your domain management or a file on your web server with a verification code that can be accessed by LetsEncrypt to verify that you own the domain.
Step 4: Verification
Once you save you will be given details of the verification needed to activate the certificate.
DNS TXT Verification
If you have chosen to use the DNS TXT verification you can go to your domain management and add a TXT entry with the name eg. _acme-challenge.adc.demo1.snapt.net with the verification in the value field
Once saved and propagated you can use dig from the terminal to see if you receive an answer
eg. dig -t txt _acme-challenge.adc.demo1.snapt.net
you should receive a response similar to this
;; ANSWER SECTION:
_acme-challenge.adc.demo1.snapt.net. 600 IN TXT “oYUahZTmiI51nOE4gNgZA5CMSVOiUavMEvuxw6i0-7c”
This will indicate that the verification code can be seen and verified.
A file path has to be added to the document root folder of your website for this verification. From the base folder create folders .well-known/acme-challenge with the file name specified above and add the value into that file.
To confirm that the file resource is accessible, try to navigate to that location from a browser, e.g http://adc.demo1.snapt.net/.well-known/acme-challenge/L1t9d2xoVHd3CGK-Zh5sZdW_GeaCXoYB2I3653hREEE
Balancer or Accelerator Verification
If you already have a Balancer Frontend/Group or Accelerator Frontend configured on Snapt you can also opt for the Balancer or Accelerator Verification. Snapt will make a slight change to your config, but no service disruptions will occur.
We’ll simply place the verification file on the Snapt box, and intercept the Let’s Encrypt inbound traffic to the verification file on Snapt. Using this method, you don’t need to manually create and place the file on your backend server.
Select the group that is able to accept traffic from the WWW by clicking on the “Click to enable”
The same process is followed on the Accelerator side as with the Balancer Verification.
Step 5: Click on Verify Activation to complete the process and download certificates to be placed in Setup > SSL > SSL Certificates
If you need the certificate to be added to Snapt Balancer you download the PEM certificate, and with the Snapt Accelerator KEY & CRT will be needed.