Last active
October 24, 2017 14:39
-
-
Save eukras/7570f5e782b66e2a30abeb6ae6e34d24 to your computer and use it in GitHub Desktop.
Certbot/Apache Setup Notes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Setting up certbot and autorenewal on Apache | |
sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt | |
cd /opt/letsencrypt | |
sudo -H ./letsencrypt-auto certonly --standalone -d example.com -d www.example.com | |
echo '@monthly root /opt/letsencrypt/letsencrypt-auto certonly --quiet --standalone --renew-by-default -d example.com -d www.example.com >> /var/log/letsencrypt/letsencrypt-auto-update.log' | sudo tee --append /etc/crontab | |
# Add cerificates and redirect to Apache conf | |
sudo vim /etc/apache2/sites-enabled/example.com # With: | |
<VirtualHost *:80> | |
ServerAdmin admin@example.com | |
ServerName example.com | |
ServerAlias www.example.com | |
Redirect / https://example.com/ | |
</VirtualHost> | |
<VirtualHost *:443> | |
SSLEngine On | |
SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem | |
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem | |
# SSLCACertificateFile /etc/ssl/certs/ca-certificates.crt #If using a self-signed certificate, omit this line | |
ServerAdmin admin@example.com | |
ServerName example.com | |
ServerAlias www.example.com | |
DocumentRoot /srv/www/example.com/web | |
ErrorLog /srv/www/example.com/logs/error.log | |
CustomLog /srv/www/example.com/logs/access.log combined | |
</VirtualHost> | |
# Make it happen | |
sudo a2enmod ssl | |
sudo apache2ctl restart |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment