When you develop a web site, you will need it password protected so others won’t see or you don’t want google to index the web pages while you are working on it. To password protect a web site in nginx, see Nginx Password Protect a website If you password protect a web site and try […]
Install LetsEncrypt SSL on Bitnami
To install LetsEncrypt SSL on bitnami wordpress server, install letsencrypt with
|
1 2 |
wget https://raw.githubusercontent.com/serverok/server-setup/master/install/letsencrypt.sh sh ./letsencrypt.sh |
Stop apache web server with
|
1 |
/opt/bitnami/ctlscript.sh stop apache |
Now get SSL certificate using certbot
|
1 |
certbot certonly --standalone -d YOUR-DOMAIN.EXT -d www.YOUR-DOMAIN.EXT |
Now you have SSL certficate, lets copy it to bitnami folder
|
1 2 3 |
cat /etc/letsencrypt/live/YOUR-DOMAIN.EXT/privkey.pem > /opt/bitnami/apache2/conf/server.key cat /etc/letsencrypt/live/YOUR-DOMAIN.EXT/cert.pem > /opt/bitnami/apache2/conf/server.crt cat /etc/letsencrypt/live/YOUR-DOMAIN.EXT/chain.pem >> /opt/bitnami/apache2/conf/server.crt |
Start the web server with
|
1 |
/opt/bitnami/ctlscript.sh start apache |
Auto Renew LetsEncrypt Create file
|
1 2 |
mkdir /usr/serverok vi /usr/serverok/ssl-renew |
Add following to the file. Replace […]
Install SSL Certificate in Virtualmin
To install SSL certificate in Virtualmin, select the domain from drop down list of Virtualmin. On left Menu, go to Server Configuration > SSL Certificate If you want to install Free LetsEncypt SSL, click on “Let’s Encrypt” link on top. On next page Click on “Request Certificate”. […]
Nginx Proxy SSL Verification
When using Nginx as reverse proxy, you may need to handle SSL verification request. Passing this request to backend server may not do any good as back end servers normally only handle application. To hanlde SSL validation request, use following Nginx Configuration
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
server { listen 80; server_name YOUR-DOMAIN.EXTN www.YOUR-DOMAIN.EXTN; location ^~ /.well-known/acme-challenge/ { root /var/www/html; } location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; proxy_pass http://127.1.2.1:4200; } } |
Now restart Nginx
|
1 |
service nginx restart |
You can get SSL with following letsencrypt command […]
certbot certificates
To list all letsencrypt SSL certificates, run
|
1 |
certbot certificates |
Example
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
root@ok:~# certbot certificates Saving debug log to /var/log/letsencrypt/letsencrypt.log Revocation status for /etc/letsencrypt/live/boby.hosthat.com/cert.pem is unknown ------------------------------------------------------------------------------- Found the following certs: Certificate Name: boby.hosthat.com Domains: boby.hosthat.com Expiry Date: 2017-06-11 15:10:00+00:00 (INVALID: EXPIRED) Certificate Path: /etc/letsencrypt/live/boby.hosthat.com/fullchain.pem Private Key Path: /etc/letsencrypt/live/boby.hosthat.com/privkey.pem Certificate Name: img.serverok.in Domains: img.serverok.in Expiry Date: 2018-05-02 16:06:53+00:00 (VALID: 66 days) Certificate Path: /etc/letsencrypt/live/img.serverok.in/fullchain.pem Private Key Path: /etc/letsencrypt/live/img.serverok.in/privkey.pem Certificate Name: lab.hostonnet.com Domains: lab.hostonnet.com Expiry Date: 2018-04-25 03:34:37+00:00 (VALID: 59 days) Certificate Path: /etc/letsencrypt/live/lab.hostonnet.com/fullchain.pem Private Key Path: /etc/letsencrypt/live/lab.hostonnet.com/privkey.pem Certificate Name: yboby.cf Domains: yboby.cf www.yboby.cf Expiry Date: 2018-03-21 19:43:49+00:00 (VALID: 25 days) Certificate Path: /etc/letsencrypt/live/yboby.cf/fullchain.pem Private Key Path: /etc/letsencrypt/live/yboby.cf/privkey.pem ------------------------------------------------------------------------------- root@ok:~# |
letsencrypt […]
Enable LetsEncrypt SSL in ISPConfig
Login to ISPConfig at https://your-server-ip:8080 On main menu, click on “Sites”. It will show all available web sites on your server. Click on the domain on which you need LetsEncrypt SSL installed. On Next page, click the check boxes “SSL” and “LetsEncrypt”. Click “Save” button. In few minutes you will get SSL installed on your […]
Letsencrypt
Install letsencrypt
|
1 2 |
wget https://raw.githubusercontent.com/serverok/server-setup/master/install/letsencrypt.sh sh ./letsencrypt.sh |
OR
|
1 2 3 4 |
cd /usr/bin wget https://dl.eff.org/certbot-auto chmod a+x /usr/bin/certbot-auto mv /usr/bin/certbot-auto /usr/bin/certbot |
Install SSL certificate on Apache
|
1 |
certbot --authenticator webroot --webroot-path <path to served directory> --installer apache --agree-tos --email admin@serverok.in -d YOUR-DOMAIN.EXT -d www.YOUR-DOMAIN.EXT |
On Nginx
|
1 |
certbot --authenticator webroot --webroot-path <path to served directory> --installer nginx --agree-tos --email admin@serverok.in -d YOUR-DOMAIN.EXT -d www.YOUR-DOMAIN.EXT |
This will stop web server. Generate SSL, then start web server. Getting SSL with out web server Domain should be pointed to the server IP and IP should be public to generate SSL. Run following command.
|
1 |
certbot certonly --standalone -d YOUR-DOMAIN.EXT |
Auto Renew SSL Certificate […]