Install Free LetsEncrypt Certificates on WebFaction

Let’s walk through the process of using Let’s Encrypt Free SSL Certificates on WebFaction:

Part1: Install and Configure “letsencrypt-webfaction” on Your Server:

Step 1) Visit Will-in-wi’s “letsencrypt-webfaction” repository at github and read through the documentation to get a grasp of the software you’re installing.


Step 2) Login to your server via SSH and run the following command to install the letsencrypt_webfaction package via the RubyGems package management site:

GEM_HOME=$HOME/.letsencrypt_webfaction/gems RUBYLIB=$GEM_HOME/lib gem2.2 install letsencrypt_webfaction

Step 3) Add the following to ~/.bash_profile (using, for example, an FTP client or your favorite text editor):

function letsencrypt_webfaction {
    PATH=$PATH:$GEM_HOME/bin GEM_HOME=$HOME/.letsencrypt_webfaction/gems RUBYLIB=$GEM_HOME/lib ruby2.2 $HOME/.letsencrypt_webfaction/gems/bin/letsencrypt_webfaction $*

Step 4) Create a new config file for your certificate defaults in your home cd ~/ directory called “LetsEncrypt_Config.yml” with the following content:

key_size: 4096
# We need an ACME server to talk to, see
endpoint: ''
domains: []
public: ''
output_dir: '~/LetsEncrypt_Certs/'
letsencrypt_account_email: ''
api_url: ''
username: 'webfaction_username'
password: 'webfaction_password'
servername: ''
cert_name: ''

Generate A Certificate:

Step 1) 

Copy the code below to your notepad:

letsencrypt_webfaction --config ~/LetsEncrypt_Config.yml --domains {hostName}.com,www.{hostName}.com --public ~/webapps/{hostName}

In NotePad, replace {hostName} with the name your domain:

--domains {hostName}.com,www.{hostName}.com

Then replace {websiteName} with name of your website’s directory or it’s public path:

 --public ~/webapps/{websiteName}

Login to your server via SSH and paste the modified code from your notepad and hit enter.

If successful, a new certificate will appear in your WebFaction dashboard.

Step 2) Login to your WebFaction dashboard and add new Website called {hostName}_https.  Link both versions of your domains (,  Switch on the HTTPS setting. Select your new certificate from the dropdown menu and click save.

Step 3) Add the following code to your .htaccess file to insure SSL is turned on and people are redirected to the version of your site.

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Step 4) You can add a cron job to re-issue the certificate every three months automatically. Connect to your server via SSH and edit your crontab by executing the following command:

crontab -e

Then type i to switch to insert mode.

Copy the code below to your notepad:

0 4 1 */2 * PATH=$PATH:$GEM_HOME/bin:/usr/local/bin GEM_HOME=$HOME/.letsencrypt_webfaction/gems RUBYLIB=$GEM_HOME/lib ruby2.2 $HOME/.letsencrypt_webfaction/gems/bin/letsencrypt_webfaction --config ~/LetsEncrypt_Config.yml --domains {hostName}.com,www.{hostName}.com --public ~/webapps/{websiteName}

0 4 1 */2 * represents the time your job will execute. See:

This would run at 4 a.m. on the first day of January, March, May, July, September, and November. Certificates expire three months after issuance, so modify as desired (for example, you may want to run the task every two months initially, to be sure that everything is working before extending the period). Change the date of the Cron task so that WebFaction staff don’t simultaneously receive all certificate change requests on the first day of the month.

In NotePad, replace {hostName} with the name your domain:

--domains {hostName}.com,www.{hostName}.com

Then replace {websiteName} with name of your website’s directory or it’s public path:

 --public ~/webapps/{websiteName}

Switch back to your Terminal SSH session and move the insert cursor to end of screen and hit enter to create a new line. Then paste the modified code from your notepad.

If you want to be notified upon failure paste in the following code at top of your crontab:

Once you’re done editing your crontab type esc, then type :w to write the crontab and type :q to quit the editor.