Projekt

Allgemein

Profil

Letsencrypt » Historie » Revision 5

Revision 4 (Jeremias Keihsler, 16.04.2021 18:46) → Revision 5/6 (Jeremias Keihsler, 16.04.2021 18:52)

h1. Letsencrypt 

 link-list: 

 https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-centos-7 
 https://www.centosblog.com/use-letsencrypt-free-ssl-certificate-centos-linux/ 
 https://www.my-it-brain.de/wordpress/der-eigene-mailserver-tls-migration-zu-lets-encrypt/ 
 https://www.kuketz-blog.de/certbot-lets-encrypt-tls-zertifikate-fuer-mailserver/ 
 https://blog.tausys.de/2016/07/13/letsencrypt-zertifikate-fuer-dovecot-und-postfix/ 
 https://community.letsencrypt.org/t/certs-for-mailserver-different-from-webserver/32216/7 
 https://community.letsencrypt.org/t/1-certificate-for-6-domains/49471 
 https://community.letsencrypt.org/t/multiple-domains-webroot-paths-using-webroot-plugin/7982/5 
 https://community.letsencrypt.org/t/installed-correctly-but-still-says-certificate-error-using-edge/49453/2 


 taken from https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-centos-7 

 * epel 

 yum install epel-release 

 *install 

 yum install httpd mod_ssl python-certbot-apache 

 yum install certbot 

 * apache service 

 systemctl start httpd 
 systemctl enable httpd 

 * firewall 

 firewall-cmd --permanent --zone=public --add-service=http 
 firewall-cmd --permanent --zone=public --add-service=https 
 firewall-cmd --reload 

 * test apache service 

 curl example.com 
 curl -k https://example.com 

 /opt/eff.org/certbot/venv/bin/certbot --apache -d example.com -d www.example.com 

 h2. renew cert for nginx 

 <pre><code class="shell"> 
 certbot renew --post-hook '/usr/sbin/service postfix restart; /usr/sbin/service nginx restart; /usr/sbin/service dovecot restart' 
 </code></pre> 

 h2. troubleshooting 

 when there are multiple domains double check *.conf in @/etc/letsencrypt/renewal@ especially the section @[[webroot_map]]@