[Updated 11/17 to reflect deprecation of Let’s Encrypt Mac OSX client.]
While it’s preferrable to install Electronic Frontier Foundation‘s certbot* on your hosting environment (so certificate renewal can be automated via cron), you’ll need root access to do so, in order to install dependencies.
For those situations where that’s not possible, (such as a site hosted on a shared environment), you can install certbot and generate the certificates locally.
Make sure you have all of the following installed and updated:
- Homebrew — Run the following on the command-line to install Homebrew:
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
If you already have brew installed, run
brew upgrade, then run
brew doctorand address any issues that come up.
- Git —
brew install git
- Xcode – Install it via the App Store, then run
xcode-select --installto install the command-line tools.
- Pip –
sudo easy_install pip
Thanks to Homebrew, installing certbot is one, simple command:
brew install certbot
Assuming no issues, you’re now ready to generate SSL certificates locally.
*What happened to Let’s Encrypt’s Mac OSX client?
certbot-auto support for OSX (among others) was never more than “experimental”, hence having to add the
--debug flag when installing it. Running either of these commands will now return this error message:
WARNING: certbot-auto support for this macOS is DEPRECATED! Please visit certbot.eff.org to learn how to download a version of Certbot that is packaged for your system. While an existing version of certbot-auto may work currently, we have stopped supporting updating system packages for your system. Please switch to a packaged version as soon as possible.
They’re being phased out in favor of certbot, which has proper OS package support.