Go back

How to create a “Let’s Encrypt” certificate on Windows

April 4, 2021
Aleksandr Parinov

Aleksandr Parinov

Cryptographic certificates are the digital equivalent of website validation, which enables you to encrypt connections using TLS protocol and thus provide a secure link between server and client.

There are both paid and free certification centers. Let’s Encrypt is one of the free centers, which provides certificates for 90 days with an automatic renewal option.

For TrueConf Server users TLS certificate is required to join web meetings via WebRTC application and sync TrueConf Server with Active Directory.

Step 1: Getting started

First, you should stop all TrueConf Server services and all processes that can use 80 and 443 ports, such as Apache Http Server.

To create a TLS certificate on Windows, download the ACME Simple (WACS) program. Then follow the instruction:

  1. Extract the downloaded archive to the C:\wacs\ folder.
  2. Create a crt directory in the same folder.
  3. Open Windows Defender Firewall.
  4. Go to Advanced SettingsInbound RulesNew RulePort; enter 80 and 443 ports separated by comma in the Specific local ports field and click Next. Then select Allow the connection, click Next again, specify which profiles the rule will apply to (for all by default) and after clicking Next, save the rule under any name.

Step 2: Creating a certificate

Open a command line (cmd) as administrator and enter the following commands one by one:

  1. Run C:\wacs\wacs.exe.
  2. Then select:
    • Create new certificate (full options) (enter m)
    • Manual input (enter 1).
  3. Specify your domain name and press Enter twice to confirm.
  4. Then choose:
    • [http-01] Serve verification files from memory (enter 2)
    • RSA key (enter 2)
    • PEM encoded files (Apache, nginx, etc.) (enter 2).
  5. Specify a folder for saving certificates C:\wacs\crt.
  6. After that, select:
    • No (additional) store steps (enter 3)
    • No (additional) installation steps (enter 4).
  7. Specify an email address for error notifications.
  8. Answer additional questions as follows:
    • for the Open in default application? type no
    • for the Do you agree with terms? type yes.

When you successfully create the certificate, you will see the Authorization result: valid message. Answer no to the Do you want to specify the user the task will run as? question.

Three files will be generated in the C:\wacs\crt folder:

  • domain_name-crt.pem is the certificate itself
  • domain_name-key.key is the key file
  • domain_name-chain.pem is the trust chain, it includes Let’s Encrypt root and intermediate certificates.

Now you can use them in TrueConf Server, as shown in our article.

Still have questions? Please contact our support team directly via online chat.

Sign up for newsletter