Install Unzip - sudo apt-get install unzip - sudo apt-get install letsencrypt

Service Port Restrictions
ssh 22 Admin Private Subnet
http 80 Public
https 443 Public
http 3333 Admin Private Subnet

SSL Setup

Install nmap for ncat mkdir .well-known/acme-challenge/

root@system:~# letsencrypt certonly --manual -d Saving debug log to /var/log/letsencrypt/letsencrypt.log Obtaining a new certificate Performing the following challenges: http-01 challenge for

NOTE: The IP of this machine will be publicly logged as having requested this certificate. If you're running certbot in manual mode on a machine that is not your server, please ensure you're okay with that.

Are you OK with your IP being logged?


Create a file containing just this data:

ro9Vy6H1oAoW+iXnvbhfmPJrhCh7hBiTWn10pZEk3njewOv1EFTmXU0PsmT/zuxBSLfZ2IB32pE1aIUVHQshiQ And make it available on your web server at this URL:

Press Enter to Continue

touch sxFxS5vn3XWz4aPakzT9dmH0RZ/eEhfWvI5llyJkpApoUog/hmyc6Hew5qo vim sxFxS5vn3XWz4aPakzT9dmH0RZ/eEhfWvI5llyJkpApoUog/hmyc6Hew5qo

sudo certbot certonly --standalone --preferred-challenges http -d


Setting up ‘GoPhish’ on AWS