Lunetikk's IT Wiki

User Tools

Site Tools

You are here: start » linux » ubuntu » certbot
Trace:
linux:ubuntu:certbot

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux:ubuntu:certbot [2018/01/05 17:51] lunetikklinux:ubuntu:certbot [2018/12/13 09:28] (current) – [nginx] lunetikk
Line 3: Line 3:
  
 ===== Installation ===== ===== Installation =====
- 
-[[https://gist.github.com/cecilemuller/a26737699a7e70a7093d4dc115915de8]] 
  
 <code> <code>
Line 16: Line 14:
  
 ==== nginx ==== ==== nginx ====
 +
 +Good guide for nginx config and cronjob for auto renew\\
 +[[https://gist.github.com/cecilemuller/a26737699a7e70a7093d4dc115915de8]]
 +
  
 Create "/etc/nginx/letsencrypt/letsencrypt.conf" with the following Create "/etc/nginx/letsencrypt/letsencrypt.conf" with the following
Line 29: Line 31:
 <code>include /etc/nginx/letsencrypt/letsencrypt.conf;</code> <code>include /etc/nginx/letsencrypt/letsencrypt.conf;</code>
  
-Create a folder for challanges +Create a folder for challenges 
-<code>mkdir -p /usr/local/nginx/html/letsencrypt/.well-known/acme-challenge<code>+<code>mkdir -p /usr/local/nginx/html/letsencrypt/.well-known/acme-challenge</code>
  
 ==== apache2 ==== ==== apache2 ====
  
 +Just try it. 
  
 ===== Get certs ===== ===== Get certs =====
Line 41: Line 44:
 </code> </code>
  
 +==== nginx ==== 
 +Add to your vhost config
 +<code>
 +ssl_certificate /etc/letsencrypt/live/lunetikk.de/fullchain.pem;
 +ssl_certificate_key /etc/letsencrypt/live/lunetikk.de/privkey.pem;
 +ssl_trusted_certificate /etc/letsencrypt/live/lunetikk.de/fullchain.pem;
 +</code>
 +
 +==== apache2 ==== 
 Add to your vhost config Add to your vhost config
 <code> <code>
Line 48: Line 60:
 </code> </code>
  
-===== Commands =====+===== Automation =====
  
 +Create a script for automation
 +
 +<code>
 +#!/bin/bash
 +/usr/bin/certbot renew --renew-hook "service apache2 reload" > /var/log/certbot-renew.log
 +mail -s "CERTBOT Renewals" <YOURMAILADDRESS> < /var/log/certbot-renew.log
 +DATE=`date +%Y-%m-%d`
 +mv /var/log/certbot-renew.log /var/log/certbot-renew_%DATE.log
 +exit 0
 +</code>
 +
 +Add to your crontab
 +
 +<code>@daily /bin/certbotrenew.sh</code>
 +
 +===== Commands =====
  
-certbot certonly --webroot --agree-tos --no-eff-email --email <mail> -w /usr/local/nginx/html/letsencrypt -d <www.domain.de> -d <domain.de> +^  Command  ^  Function 
-Obtain or renew a certificate +|  %%certbot certonly --webroot --agree-tos --no-eff-email --email <mail> -w /usr/local/nginx/html/letsencrypt -d <www.domain.de> -d <domain.de>%%  |  Obtain or renew a certificate  | 
-certbot  renew Renew all previously obtained certificates that are near expiry +|  certbot  renew  |  Renew all previously obtained certificates that are near expiry  | 
-certbot certonly --dry-run Test "renew" or "certonly" without saving any certificates to disk +|  %%certbot certonly --dry-run%%  |  Test "renew" or "certonly" without saving any certificates to disk  | 
-certbot certificates Display information about certificates you have from Certbot +|  certbot certificates  |  Display information about certificates you have from Certbot  | 
-certbot revoke Revoke a certificate (supply --cert-path) +|  certbot revoke  |  Revoke a certificate (supply --cert-path)  | 
-certbot delete Delete a certificate+|  certbot delete  |  Delete a certificate  |
  
linux/ubuntu/certbot.1515171064.txt.gz · Last modified: 2018/01/05 17:51 by lunetikk

Page Tools

Impressum Datenschutz
Except where otherwise noted, content on this wiki is licensed under the following license: Public Domain
Public Domain Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki