Tag Archive for apache

Let’s Encrypt howto

Clone Git repo:

sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt

than:

cd /opt/letsencrypt

Generate apache config and certs:

./letsencrypt-auto --apache -d example.com

or with subdomain

./letsencrypt-auto --apache -d example.com -d www.example.com

lets test it:

https://www.ssllabs.com/ssltest/analyze.html?d=example.com&latest

Enable auto renewal:

./letsencrypt-auto renew

output be similar like this:

Checking for new version...
Requesting root privileges to run letsencrypt...
   /root/.local/share/letsencrypt/bin/letsencrypt renew
Processing /etc/letsencrypt/renewal/example.com.conf

The following certs are not due for renewal yet:
  /etc/letsencrypt/live/example.com/fullchain.pem (skipped)
No renewals were attempted.

add it to crontab:

sudo crontab -e

add a line:

30 2 * * 1 /opt/letsencrypt/letsencrypt-auto renew >> /var/log/le-renew.log

SSL hibák megoldása

Ha az alábbi hibaüzenet van a logokban:

RSA server certificate CommonName (CN) `localhost' does NOT match server name!?

akkor adjuk hozzá az SSL-t használó hosztot a hosts fájlhoz:

$vi /etc/hosts

127.0.0.1        localhost,<SSL_HOST_1>,<SSL_HOST_2> etc.