Skip to content

Instantly share code, notes, and snippets.

@theel0ja
Last active August 20, 2019 10:59
Show Gist options
  • Save theel0ja/a0fdeb89a1e3831184a2216970c6ed53 to your computer and use it in GitHub Desktop.
Save theel0ja/a0fdeb89a1e3831184a2216970c6ed53 to your computer and use it in GitHub Desktop.
my kapsi.fi let's encrypt conf

Let's encrypt kapsi.fi

Asenna acme.sh

curl https://get.acme.sh | sh

Asenna sertifikaatti

Jos käytät tavallista ~/sites/ kansiota, valitse skriptiksi createCert.sh, jos taas käytät Siiloweb'iä, valitse createCertForSiilo.sh

Wildcardille on createWildcardCertWithCloudflare.sh (Cloudflare DNS), täältä löytyy ohjeet muille DNS-tarjoajille.

Jos käytössä mod_rewrite, katso .htaccess tiedosto.

Kokeile konfiguraatiota ssllabs.com

https://www.ssllabs.com/ssltest/

VHOST=www.eliasojala.me
SITE_FOLDER=~/sites/$VHOST
mkdir $SITE_FOLDER/.ssl
wget https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem -O $SITE_FOLDER/.ssl/ca.crt
~/.acme.sh/acme.sh --issue -w $SITE_FOLDER/www -d $VHOST \
--cert-file $SITE_FOLDER/.ssl/server.crt \
--key-file $SITE_FOLDER/.ssl/server.key \
-d eliasojala.me # lisädomainit
VHOST=cloud.eliasojala.me
SITE_FOLDER=~/siilo/sites/$VHOST
mkdir $SITE_FOLDER/.ssl
wget https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem -O $SITE_FOLDER/.ssl/ca.crt
~/.acme.sh/acme.sh --issue -w $SITE_FOLDER/www -d $VHOST \
--cert-file $SITE_FOLDER/.ssl/server.crt \
--key-file $SITE_FOLDER/.ssl/server.key
VHOST=theel0ja.info
SITE_FOLDER=~/sites/$VHOST
mkdir $SITE_FOLDER/.ssl
wget https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem -O $SITE_FOLDER/.ssl/ca.crt
# Cloudflare asetukset (VAIHDA!)
export CF_Email="example@example.com"
export CF_Key="5AA75B24BEFE1FEB329988FDFD442"
~/.acme.sh/acme.sh --issue --dns dns_cf -d $VHOST -d *.$VHOST \
--cert-file $SITE_FOLDER/.ssl/server.crt \
--key-file $SITE_FOLDER/.ssl/server.key/
# Jos käytät mod_rewriteä, älä rewriteä acme-challenge kansiota
RewriteRule ^\.well-known\/acme-challenge\/ - [L]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment