Aktionen
Setup dehydrated » Historie » Revision 3
« Zurück |
Revision 3/7
(Vergleich)
| Weiter »
Jeremias Keihsler, 21.09.2021 22:22
Install Procedure for dehydrated¶
Requirements¶
To install logwatch you will need the following:- a installed and supported operating system (e.g. CentOS 8.x)
- EPEL repository
- root-access
- a fast internet connection
Preliminary Note¶
partly taken from: https://bob.gatsmas.de/let-s-encrypt-mit-nginx-und-dehydrated
Install¶
Install dehydrated
:
yum install openssl curl sed grep mktemp
yum install dehydrated
Configure nginx¶
im http-Bereich (Port 80) des jeweiligen Servers
location /.well-known/acme-challenge {
alias /var/www/dehydrated;
}
mkdir -p /var/www/dehydrated
systemctl restart nginx
Test nginx¶
echo "Test OK" > /var/www/dehydrated/test.html
try to get the file from somewhere else
curl http://subdomain.example.com/.well-known/acme-challenge/test.html
Configure dehydrated¶
add domains to /etc/dehydrated/domains.txt
hostXX.example.com
register with AMCE-Server (Let's Encrypt)¶
dehydrated --register --accept-terms
get certs¶
dehydrated -c
Configure nginx-ssl¶
server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name hostXX.example.com; root /usr/share/nginx/html; #ssl_certificate "/etc/pki/nginx/server.crt"; #ssl_certificate_key "/etc/pki/nginx/private/server.key"; ssl_certificate "/etc/dehydrated/certs/hostXX.example.com/fullchain.pem"; ssl_certificate_key "/etc/dehydrated/certs/hostXX.example.com/privkey.pem"; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_ciphers PROFILE=SYSTEM; ssl_prefer_server_ciphers on; # Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; location / { } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } }
Von Jeremias Keihsler vor mehr als 3 Jahren aktualisiert · 3 Revisionen