User Tools

Site Tools


letsencrypt

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
letsencrypt [2016/12/18 13:32]
ian
letsencrypt [2020/02/13 22:55] (current)
Line 21: Line 21:
 </code> </code>
  
-2. Add a monthly script to perform the renewals+2. Add a weekly script to perform the renewals
  
 <code> <code>
Line 30: Line 30:
 logger "Start: $0" logger "Start: $0"
  
-' >> /etc/cron.monthly/letsencrypt-renew +' >> /etc/cron.weekly/letsencrypt-renew 
-# chmod u+x /etc/cron.monthly/letsencrypt-renew+# chmod u+x /etc/cron.weekly/letsencrypt-renew
 </code> </code>
  
Line 37: Line 37:
  
 <code> <code>
-/usr/local/sbin/certbot-auto certonly --webroot --webroot-path /home/ian/public_html/braindump/dokuwiki/ -d braindump.ca -d www.braindump.ca -d braindump.mrzesty.net+/usr/local/sbin/certbot-auto certonly --webroot --webroot-path /var/www -d braindump.ca -d www.braindump.ca -d braindump.mrzesty.net
 </code> </code>
  
Line 51: Line 51:
  
 4. <code> 4. <code>
-echo '/usr/local/sbin/certbot-auto renew --post-hook "systemctl reload apache2"' >> /etc/cron.monthly/letsencrypt-renew+echo '/usr/local/sbin/certbot-auto renew --deploy-hook "systemctl reload apache2"' >> /etc/cron.weekly/letsencrypt-renew
 </code> </code>
  
Line 69: Line 69:
         ServerAlias www.braindump.ca braindump.mrzesty.net         ServerAlias www.braindump.ca braindump.mrzesty.net
  
 +        DocumentRoot /var/www/
         RewriteEngine On         RewriteEngine On
-        RewriteRule /(.*) https://%{HTTP_HOST}/$1 [R]+        RewriteCond %{REQUEST_URI} !/.well-known/.* 
 +        RewriteRule (.*) https://%{HTTP_HOST}$1 [R]
 </VirtualHost> </VirtualHost>
  
Line 84: Line 86:
 6. You can repeat steps 5-6 for any additional SSL certificates for other public sites on the server. 6. You can repeat steps 5-6 for any additional SSL certificates for other public sites on the server.
  
-**/etc/cron.monthly/99letsencrypt-renew**:+**/etc/cron.weekly/letsencrypt-renew**:
 <code> <code>
 #!/bin/bash #!/bin/bash
Line 92: Line 94:
 logger "Start: $0" logger "Start: $0"
  
-/usr/local/sbin/certbot-auto renew --post-hook "systemctl reload apache2"+/usr/local/sbin/certbot-auto renew --deploy-hook "systemctl reload apache2"
  
 logger "End: $0" logger "End: $0"
 </code> </code>
  
letsencrypt.1482085957.txt.gz · Last modified: 2020/02/13 22:55 (external edit)

free spam filter