certbot deprecated support for CentOS 7, so new version of certbot-auto script won’t work on CentOS 7. To install certbot (letsencrypt command line tool), run
|
1 2 |
yum install -y epel-release yum install -y python2-certbot.noarch |
To run it, use command
|
1 |
/usr/bin/certbot-2 |
See LetsEncrypt […]
To change email address of LetsEncrypt SSL certficate account, run
|
1 |
certbot update_account --email you@your-domain.com |
See LetsEncrypt […]
To list all available LetsEncrypt SSL certficates, run
|
1 |
certbot certificates |
To delete a certificate, run
|
1 |
certbot delete --cert-name NAME_OF_SSL_CERT |
You can find NAME_OF_SSL_CERT from command “certbot certificates”. See LetsEncrypt […]
When you develop a web site, you will need it password protected so others won’t see or you don’t want google to index the web pages while you are working on it. To password protect a web site in nginx, see Nginx Password Protect a website If you password protect a web site and try […]
To install LetsEncrypt SSL on bitnami wordpress server, install letsencrypt with
|
1 2 |
wget https://raw.githubusercontent.com/serverok/server-setup/master/install/letsencrypt.sh sh ./letsencrypt.sh |
Stop apache web server with
|
1 |
/opt/bitnami/ctlscript.sh stop apache |
Now get SSL certificate using certbot
|
1 |
certbot certonly --standalone -d YOUR-DOMAIN.EXT -d www.YOUR-DOMAIN.EXT |
Now you have SSL certficate, lets copy it to bitnami folder
|
1 2 3 |
cat /etc/letsencrypt/live/YOUR-DOMAIN.EXT/privkey.pem > /opt/bitnami/apache2/conf/server.key cat /etc/letsencrypt/live/YOUR-DOMAIN.EXT/cert.pem > /opt/bitnami/apache2/conf/server.crt cat /etc/letsencrypt/live/YOUR-DOMAIN.EXT/chain.pem >> /opt/bitnami/apache2/conf/server.crt |
Start the web server with
|
1 |
/opt/bitnami/ctlscript.sh start apache |
Auto Renew LetsEncrypt Create file
|
1 2 |
mkdir /usr/serverok vi /usr/serverok/ssl-renew |
Add following to the file. Replace […]
To install SSL certificate in Virtualmin, select the domain from drop down list of Virtualmin. On left Menu, go to Server Configuration > SSL Certificate If you want to install Free LetsEncypt SSL, click on “Let’s Encrypt” link on top. On next page Click on “Request Certificate”. […]
When using Nginx as reverse proxy, you may need to handle SSL verification request. Passing this request to backend server may not do any good as back end servers normally only handle application. To hanlde SSL validation request, use following Nginx Configuration
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
server { listen 80; server_name YOUR-DOMAIN.EXTN www.YOUR-DOMAIN.EXTN; location ^~ /.well-known/acme-challenge/ { root /var/www/html; } location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; proxy_pass http://127.1.2.1:4200; } } |
Now restart Nginx
|
1 |
service nginx restart |
You can get SSL with following letsencrypt command […]
To list all letsencrypt SSL certificates, run
|
1 |
certbot certificates |
Example
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
root@ok:~# certbot certificates Saving debug log to /var/log/letsencrypt/letsencrypt.log Revocation status for /etc/letsencrypt/live/boby.hosthat.com/cert.pem is unknown ------------------------------------------------------------------------------- Found the following certs: Certificate Name: boby.hosthat.com Domains: boby.hosthat.com Expiry Date: 2017-06-11 15:10:00+00:00 (INVALID: EXPIRED) Certificate Path: /etc/letsencrypt/live/boby.hosthat.com/fullchain.pem Private Key Path: /etc/letsencrypt/live/boby.hosthat.com/privkey.pem Certificate Name: img.serverok.in Domains: img.serverok.in Expiry Date: 2018-05-02 16:06:53+00:00 (VALID: 66 days) Certificate Path: /etc/letsencrypt/live/img.serverok.in/fullchain.pem Private Key Path: /etc/letsencrypt/live/img.serverok.in/privkey.pem Certificate Name: lab.hostonnet.com Domains: lab.hostonnet.com Expiry Date: 2018-04-25 03:34:37+00:00 (VALID: 59 days) Certificate Path: /etc/letsencrypt/live/lab.hostonnet.com/fullchain.pem Private Key Path: /etc/letsencrypt/live/lab.hostonnet.com/privkey.pem Certificate Name: yboby.cf Domains: yboby.cf www.yboby.cf Expiry Date: 2018-03-21 19:43:49+00:00 (VALID: 25 days) Certificate Path: /etc/letsencrypt/live/yboby.cf/fullchain.pem Private Key Path: /etc/letsencrypt/live/yboby.cf/privkey.pem ------------------------------------------------------------------------------- root@ok:~# |
letsencrypt […]
Login to ISPConfig at https://your-server-ip:8080 On main menu, click on “Sites”. It will show all available web sites on your server. Click on the domain on which you need LetsEncrypt SSL installed. On Next page, click the check boxes “SSL” and “LetsEncrypt”. Click “Save” button. In few minutes you will get SSL installed on your […]
Enable LetsEncrypt SSL in ISPConfig LetsEncrypt Windows LetsEncrypt SSL On Nginx Password Protected site LetsEncrypt SSL On Apache Password Protected site Nginx Proxy SSL Verification Install LetsEncrypt in CentOS 7 Certbot commands Delete LetsEncrypt SSL certficate List all letsencrypt certificates Change Email address of LetsEncrypt SSL Install letsencrypt
|
1 2 |
wget https://raw.githubusercontent.com/serverok/server-setup/master/install/letsencrypt.sh sh ./letsencrypt.sh |
OR
|
1 2 3 4 |
cd /usr/bin wget https://dl.eff.org/certbot-auto chmod a+x /usr/bin/certbot-auto mv /usr/bin/certbot-auto /usr/bin/certbot |
Install SSL certificate on […]