Today I am moving away from Cloudflare to see if it can reduce HTTP request wait times, I suspect although they provide a little caching and security for free given I have implemented Fail2Ban and the right caching plugins that an extra link in the HTTPS chain is no longer necessary.

So here is my working process for enabling LetsEncrypt on Linux CentOS 6 with VirtualMin and SSH. Remember to replace DOMAINUSERNAME with the account of your virtualhost and YOURDOMAIN with your equivalent of the script handles the www version simultaneously.

cd /home/DOMAINUSERNAME/ && git clone

mkdir /home/DOMAINUSERNAME/ssl_certificates

Setup 1st of the month cron job in virtualmin for this command
cd /home/DOMAINUSERNAME/letsencrypt/ && ./letsencrypt-auto certonly --email [email protected] --agree-tos --webroot --renew-by-default -w /home/DOMAINUSERNAME/public_html/ -d www.YOURDOMAIN -d YOURDOMAIN --authenticator webroot && cp -f /etc/letsencrypt/live/www.YOURDOMAIN/cert.pem /home/DOMAINUSERNAME/ssl_certificates/cert.pem && cp -f /etc/letsencrypt/live/www.YOURDOMAIN/chain.pem /home/DOMAINUSERNAME/ssl_certificates/chain.pem && cp -f /etc/letsencrypt/live/www.YOURDOMAIN/fullchain.pem /home/DOMAINUSERNAME/ssl_certificates/fullchain.pem && cp -f /etc/letsencrypt/live/www.YOURDOMAIN/privkey.pem /home/DOMAINUSERNAME/ssl_certificates/privkey.pem

In Virtualmin, select you domain and go to “Edit virtual server”, make sure that SSL is enabled under “Enabled features”.

Under “Server configuration” go to “Manage SSL Certificate”. Select the tab “Update Certificate and Key” and under “Signed SSL certificate” select the option “File on server”, fill in the location of the certificate: “/home/DOMAINUSERNAME/ssl_certificates/cert.pem”

Do the same for section “Matching private key”. Select: “/home/DOMAINUSERNAME/ssl_certificates/privkey.pem”

Click on “Install Now”.

Switch to tab “CA Certificate”, select “In file on server ” and fill in: “/home/DOMAINUSERNAME/ssl_certificates/fullchain.pem”

Click on “Save Certificate”.