Skip to content

Instantly share code, notes, and snippets.

@devlinjunker

devlinjunker/.https

Last active Sep 15, 2020
Star
Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
HTTPS Setup
Raw
.https
HTTPS Setup/Renewal on AWS
Raw
https-renewal.md

Renewing HTTPS Certs

Strange things while attempting to renew... 🤔

  • Attempted to run certbot-auto after ssh in
    • Performed update
    • Failed with Error: couldn't get currently installed version for /opt/eff.org/certbot/venv/bin/letsencrypt:
  • Removed installation directory in /opt/eff.org/
  • Removed certbot-auto binary
  • Retreived newer version with wget https://dl.eff.org/certbot-auto and set permissions chmod a+x certbot-auto
  • Attempted to run sudo certbot-auto
    • Failed with FATAL error about Amazon being Expiremental
    • Reran with sudo certbot-auto --debug
      • Failed again with ImportError: No module named cryptography
      • installed missing modules with sudo /opt/eff.org/certbot/venv/bin/pip install cryptography interface zope.proxy zope.hookable

SUCCESS Updating certificates in /etc/letsencrypt/live/

Raw
https-setup.md

Setting up HTTPS on AWS

  • SSH to Server
  • Download Certbot
    • wget https://dl.eff.org/certbot-auto
    • chmod a+x certbot-auto
  • Make sure Apache is configured correctly with domain in /etc/httpd/conf/http.conf
  • Run sudo ./certbot-auto --apache
    • Will have to answer some questions about which domains you want to secure

Should update /etc/httpd/conf/httpd-le-ssl.conf
Adds to <VirtualHost *:443>:

ServerName <host>
ServerAlias www.<host>

SSLCertificateFile /etc/letsencrypt/live/<host>/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/<host>/privkey.pem
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.