Let's Encrypt

Use Let’s Encrypt to generate a certificate

You can also use Let’s Encrypt to fetch a valid certificate. Use the following command:

goshs -s -sl -sle your@mail.com -sld your.domain.com,your.seconddomain.com

First make sure that your IP address is reachable via the domain name by creating an A record with your DNS service provider.

If the certificate request succeeds, the example command then creates two files called key and cert.

Info

For this to work, Let’s Encrypt needs to reach goshs on ports 80 and 443, so you will need to start it as root. There are several options to avoid running goshs as root after obtaining a valid certificate:

  • Drop user privileges using -u (preferred)
  • Run it once as root until you obtain the certificate. Then stop it and rerun it as a non-root user with the key and cert, like: ./goshs -s -sk key -sc cert
  • Use -slh and -slt to choose different challenge ports, and proxy ports 80 and 443 to them