Skip to content

Using Let's Encrypt

Using Let's Encrypt

There’s an operations file in the concourse-bosh-deployment repository that turns on the Let’s Encrypt ACME service. Using this operations file can help reduce the number of certificates you need to rotate. If you'd like to try this with your v6.x.x deployment you will need to add the enable-lets-encrypt.yml operations file and remove the TLS operations files:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
  bosh deploy \
  -e BOSH-ENVIRONMENT-ALIAS \
  -d CONCOURSE-DEPLOYMENT-NAME \
  ./cluster/concourse.yml \
  -l versions.yml \
  -l variables.yml \
  -o ./cluster/operations/backup-atc.yml \
  -o ./cluster/operations/basic-auth.yml \
  -o ./cluster/operations/static-web.yml \
  -o ./cluster/operations/priviledged_https.yml \
- -o ./cluster/operations/tls-vars.yml \
- -o ./cluster/operations/tls.yml \
  -o ./cluster/operations/encryption.yml \
+ -o ./cluster/operations/enable-lets-encrypt.yml \
  --vars-store cluster-creds.yml