LetsEncrypt is a free service that allows getting a valid signed certificate automatically. This is done using port 80 on the Pritunl server to verify the domain ownership. The certificate will then automatically renew every 60 days. Before setting the LetsEncrypt domain the dns settings for the domain must point to the public ip address of the Pritunl server. If a firewall is used port 80 must be publicly open. For the certificate to be able to automatically renew the firewall and dns settings will need to be properly configured. After setting the LetsEncrypt domain the Pritunl server will generate a signed certificate and automatically restart the web server. The certificate will be configured on all the hosts in an Enterprise cluster.
Updated about a year ago