theel0ja/ModRewrite.htaccess

## README.md

      
    Raw
  

              README.md
            
          
    Let's encrypt kapsi.fi

Asenna acme.sh

curl https://get.acme.sh | sh
Asenna sertifikaatti

Jos käytät tavallista ~/sites/ kansiota, valitse skriptiksi createCert.sh, jos taas käytät Siiloweb'iä, valitse createCertForSiilo.sh
Wildcardille on createWildcardCertWithCloudflare.sh (Cloudflare DNS), täältä löytyy ohjeet muille DNS-tarjoajille.
Jos käytössä mod_rewrite, katso .htaccess tiedosto.
Kokeile konfiguraatiota ssllabs.com

https://www.ssllabs.com/ssltest/

  
## createCert.sh
VHOST=www.eliasojala.me
SITE_FOLDER=~/sites/$VHOST

mkdir $SITE_FOLDER/.ssl
wget https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem -O $SITE_FOLDER/.ssl/ca.crt

~/.acme.sh/acme.sh --issue -w $SITE_FOLDER/www -d $VHOST \
--cert-file $SITE_FOLDER/.ssl/server.crt \
--key-file $SITE_FOLDER/.ssl/server.key \
-d eliasojala.me # lisädomainit

## createCertForSiilo.sh
VHOST=cloud.eliasojala.me
SITE_FOLDER=~/siilo/sites/$VHOST

mkdir $SITE_FOLDER/.ssl
wget https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem -O $SITE_FOLDER/.ssl/ca.crt

~/.acme.sh/acme.sh --issue -w $SITE_FOLDER/www -d $VHOST \
--cert-file $SITE_FOLDER/.ssl/server.crt \
--key-file $SITE_FOLDER/.ssl/server.key

## createWildcardCertWithCloudflare.sh
VHOST=theel0ja.info
SITE_FOLDER=~/sites/$VHOST

mkdir $SITE_FOLDER/.ssl
wget https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem -O $SITE_FOLDER/.ssl/ca.crt

# Cloudflare asetukset (VAIHDA!)
export CF_Email="example@example.com"
export CF_Key="5AA75B24BEFE1FEB329988FDFD442"

~/.acme.sh/acme.sh --issue --dns dns_cf -d $VHOST -d *.$VHOST \
--cert-file $SITE_FOLDER/.ssl/server.crt \
--key-file $SITE_FOLDER/.ssl/server.key/

## ModRewrite.htaccess
# Jos käytät mod_rewriteä, älä rewriteä acme-challenge kansiota

RewriteRule ^\.well-known\/acme-challenge\/ - [L]
	VHOST=www.eliasojala.me
	SITE_FOLDER=~/sites/$VHOST

	mkdir $SITE_FOLDER/.ssl
	wget https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem -O $SITE_FOLDER/.ssl/ca.crt

	~/.acme.sh/acme.sh --issue -w $SITE_FOLDER/www -d $VHOST \
	--cert-file $SITE_FOLDER/.ssl/server.crt \
	--key-file $SITE_FOLDER/.ssl/server.key \
	-d eliasojala.me # lisädomainit
	VHOST=cloud.eliasojala.me
	SITE_FOLDER=~/siilo/sites/$VHOST

	mkdir $SITE_FOLDER/.ssl
	wget https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem -O $SITE_FOLDER/.ssl/ca.crt

	~/.acme.sh/acme.sh --issue -w $SITE_FOLDER/www -d $VHOST \
	--cert-file $SITE_FOLDER/.ssl/server.crt \
	--key-file $SITE_FOLDER/.ssl/server.key
	VHOST=theel0ja.info
	SITE_FOLDER=~/sites/$VHOST

	mkdir $SITE_FOLDER/.ssl
	wget https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem -O $SITE_FOLDER/.ssl/ca.crt

	# Cloudflare asetukset (VAIHDA!)
	export CF_Email="example@example.com"
	export CF_Key="5AA75B24BEFE1FEB329988FDFD442"

	~/.acme.sh/acme.sh --issue --dns dns_cf -d $VHOST -d *.$VHOST \
	--cert-file $SITE_FOLDER/.ssl/server.crt \
	--key-file $SITE_FOLDER/.ssl/server.key/
	# Jos käytät mod_rewriteä, älä rewriteä acme-challenge kansiota

	RewriteRule ^\.well-known\/acme-challenge\/ - [L]