Page tree

Welcome to FreeSoftwareServers Confluence Wiki

Skip to end of metadata
Go to start of metadata

https://certbot.eff.org/docs/using.html#

Download:

curl https://dl.eff.org/certbot-auto > /usr/local/bin/certbot-auto
chmod a+x /usr/local/bin/certbot-auto

https://certbot.eff.org/docs/using.html#webroot

Manual Run:

certbot certonly --webroot -w /var/www/example -d www.example.com -d example.com -w /var/www/other -d other.example.net -d another.other.example.net
systemctl stop apache2 ; systemctl stop nginx ; certbot certonly --standalone -w /var/www/example -d www.example.com -d example.com -w /var/www/other -d other.example.net -d another.other.example.net

https://certbot.eff.org/docs/using.html#renewing-certificates

Auto-Renew:

cat << 'EOL' >/etc/cron.d/certbot
@daily * * * certbot-auto renew --quiet  --pre-hook "systemctl stop nginx ; systemctl stop apache2"  --post-hook "systemctl start nginx ; systemctl start apache2"
EOL

https://certbot.eff.org/docs/using.html#where-are-my-certificates

Configure Apache:

SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem

Configure NGinX:

ssl on;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
  • No labels