# Enable SSL Let’s Encrypt

##### [Order now](https://puqcloud.com/puqvpncp.php) | [Download](https://download.puqcloud.com/cp/puqvpncp/) | [FAQ](https://faq.puqcloud.com)

<p class="callout info">For the solution to work properly, you must activate the automatic handling of SSL certificates through the Lets Encrypt service.</p>

#### **Requirements**

- The active domain name that resolves the server's IP address (IPv6 and IPv6)
- Port 80 and 443 are always open, and not busy with another process

**In order for the system to start the procedure for obtaining an SSL certificate from Let's Encrypt, it is necessary to:**

1\. In the configuration file, enable the use of SSL and enter the *domain name*.

```shell
nano /etc/puqvpncp/puqvpncp.conf 
```

```shell
LetsEncrypSSL=yes
Domain=XXXXXX.XXX
```

2\. Restart the **PUQVPNCP** service

```shell
service puqvpncp restart
```

<p class="callout info">After these steps, the first time you connect to the server via the https protocol, the system will request an SSL certificate and automatically renew it if necessary.</p>

<p class="callout warning">ATTENTION. After activating SSL, the system will only work in the https protocol on port 443.   
A redirect is also set from port 80 to port 443.</p>

<p class="callout warning">To connect to the server via the https protocol, use only the domain that was set in the configuration file.   
Otherwise, you will get an error that SSL is not working correctly.</p>