Setup Boulder CA on Amazon Linux

ebekker edited this page Aug 19, 2015 · 5 revisions

Setting up Boulder on Amazon Linux

The letsencrypt-win ACME client is being developed and tested against the Boulder CA reference implementation of an ACME server. The steps here outline how to spin up an AWS EC2 instance running the Amazon Linux AMI and configure it to run Boulder.

  • Launch latest AMI

  • sudo yum update; sudo reboot

  • sudo yum install libtool-ltdl-devel

  • sudo yum install golang-pkg-linux-amd64

  • You need to enable the epel yum repo:

    • sudo vi /etc/yum.repos.d/epel.repo
  • sudo yum install npm

  • sudo yum install rabbitmq-server

  • sudo service rabbitmq-server start

  • UPDATE 2015/08/14 - As of versions b08e6e0badb9f6242976dbceb4d9799e22da5047, 86390e312b015d170be190c52755548daeac337c and 64987a3639b77fb52063cb1db6165be44030cf15 integration tests moved from using SQLite to MariaDB/MySQL

  • mkdir gocode

  • export GOPATH=/home/ec2-user/gocode ## add this to your .bash_profile

  • export PATH=$PATH:$GOPATH/bin ## add this to your .bash_profile

  • edit the test config file test/boulder-config.json:

    • replace the value at JSON path wfe.listenAddress with 0.0.0.0:4000 to allow it to accept non-localhost connections
  • Follow along as in the quickstart with these caveats:

    • vi $GOPATH/src/github.com/letsencrypt/boulder/Godeps/_workspace/src/golang.org/x/crypto/ocsp/ocsp.go
      • search for elliptic.P224
      • comment out that switch statement case
      • can't use this pubkey curve variation, maybe because of export restrictions
      • replace nodejs with just node
  • If you want to update the Boulder code base do:

    • go get -u github.com/letsencrypt/boulder
    • Watch out for conflicts with any local changes, you may need to re-apply any local mods or temporarily move them out of the way.
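
An added example (not part of the original wiki page or the Boulder project): a Python helper that makes the wfe.listenAddress edit described above and then lists every listenAddress in the config that is no longer bound to loopback, so you know which ports the EC2 security group has to restrict. The sample config is constructed and its exampleService section is hypothetical; only the wfe.listenAddress path and the 0.0.0.0:4000 value come from this page.

```python
import ipaddress
import json

# Constructed sample config. Only the wfe.listenAddress path comes from the
# page; the "exampleService" section is hypothetical.
SAMPLE_CONFIG = """{
  "wfe": {"listenAddress": "127.0.0.1:4000"},
  "exampleService": {"listenAddress": "[::1]:9000"}
}"""


def set_json_path(config, dotted_path, value):
    """Overwrite an existing key addressed by a dotted path; a typo raises KeyError."""
    *parents, leaf = dotted_path.split(".")
    node = config
    for key in parents:
        node = node[key]
    if leaf not in node:
        raise KeyError(dotted_path)
    node[leaf] = value


def is_loopback(host):
    """True for localhost and loopback IPs; an empty host means all interfaces."""
    host = host.strip("[]")
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # empty string or a non-local hostname
        return False


def exposed_listeners(config, prefix=""):
    """Return (json_path, address) for each listenAddress not bound to loopback."""
    found = []
    for key, val in config.items():
        if isinstance(val, dict):
            found += exposed_listeners(val, prefix + key + ".")
        elif key == "listenAddress" and not is_loopback(val.rpartition(":")[0]):
            found.append((prefix + key, val))
    return found


if __name__ == "__main__":
    cfg = json.loads(SAMPLE_CONFIG)
    set_json_path(cfg, "wfe.listenAddress", "0.0.0.0:4000")
    print(json.dumps(cfg, indent=2))
    print("reachable from other hosts:", exposed_listeners(cfg))
```

To apply it to the real file, load test/boulder-config.json with json.load and write the result back with json.dump.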