Wiki

User Tools

Site Tools

Trace:
ubuntu:certificates:let_s_encrypt_certificates

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
ubuntu:certificates:let_s_encrypt_certificates [2020/05/19 09:40] – [Ubuntu - Certificates - Let's Encrypt Certificates] peterubuntu:certificates:let_s_encrypt_certificates [2021/07/05 08:52] (current) peter
Line 1: Line 1:
 ====== Ubuntu - Certificates - Let's Encrypt Certificates ====== ====== Ubuntu - Certificates - Let's Encrypt Certificates ======
 +
 +----
 +
 +[[Ubuntu:Certificates:Let's Encrypt Certificates:Create and Update a LetsEncrypt SSL Certificate with CertBot|Create and Update a LetsEncrypt SSL Certificate with CertBot]]
 +
 +----
  
 Install the Let's Encrypt client, certbot: Install the Let's Encrypt client, certbot:
Line 88: Line 94:
 </code> </code>
  
 +</WRAP>
 +
 +----
 +
 +===== Generate your first cert =====
 +
 +To generate your first cert, open a shell and execute the letsencrypt-auto script
 +
 +<code bash>
 +# cd /root/letsencrypt
 +# ./letsencrypt-auto --config /etc/letsencrypt/configs/example.com.conf certonly
 +Updating letsencrypt and virtual environment dependencies.......
 +Running with virtualenv: /root/.local/share/letsencrypt/bin/letsencrypt --config /etc/letsencrypt/configs/mydomain.conf certonly
 +
 +IMPORTANT NOTES:
 + - Congratulations! Your certificate and chain have been saved at
 +   /etc/letsencrypt/live/www.example.com/fullchain.pem. Your cert will
 +   expire on 2016-02-05. To obtain a new version of the certificate in
 +   the future, simply run Let's Encrypt again.
 +</code>
 +
 +<WRAP info>
 +**NOTE:**  The **certonly** command: we only want to issue certificates and don't want the client to fiddle with our nginx config.
 </WRAP> </WRAP>
  
Line 147: Line 176:
 ===== Automating renewal ===== ===== Automating renewal =====
  
-The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature.  You can test automatic renewal for your certificates by running this command:+The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. 
 + 
 +Since Let's Encrypt certificates last for 90 days, it's highly advisable to take advantage of this feature. 
 + 
 +You can test automatic renewal for your certificates by running this command:
  
 <code bash> <code bash>
Line 167: Line 200:
 done done
  
-**TODO:** Check if letsencrypt-auto is now certbot-auto.  +<WRAP todo> 
 +**TODO:** Check if letsencrypt-auto is now certbot-auto.  
 +</WRAP> 
 + 
  
 # make sure nginx picks them up # make sure nginx picks them up
Line 240: Line 276:
 IMPORTANT:  A DNS entry must exist for the * so ensure this is added. IMPORTANT:  A DNS entry must exist for the * so ensure this is added.
 </WRAP> </WRAP>
 +
 +
 +----
 +
 +===== To Renew manually =====
 +
 +
 +<code bash>
 +letsencrypt certonly --webroot -w /var/www/peterroux.com -d peterroux.com -d www.peterroux.com
 +</code>
  
  
ubuntu/certificates/let_s_encrypt_certificates.1589881238.txt.gz · Last modified: 2020/07/15 09:30 (external edit)
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki