HTTPS: Difference between revisions
From James's Wiki
(Created page with "The Certbot from the repos is old...there was some security issue that froced them to shut down something that the old version uses to create security certificates so it doen'...") |
No edit summary |
||
| (4 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
The Certbot from the repos is old...there was some security issue that | The Certbot from the repos is old...there was some security issue that forced them to shut down something that the old version uses to create security certificates so it doesn't work anymore. | ||
the following instructions works around all that | the following instructions works around all that | ||
sudo apt install letsencrypt | |||
apt-get -t stretch-backports install certbot | |||
sudo apt install python3-certbot-apache | |||
the following is to get the certbot-auto script and get it running | |||
wget https://dl.eff.org/certbot-auto | wget https://dl.eff.org/certbot-auto | ||
| Line 10: | Line 17: | ||
./certbot-auto | ./certbot-auto | ||
NOTE: not sure if certbot-auto is working.. | |||
to add sites manually: | |||
sudo certbot --apache -d example.org -d www.example.org | |||
to test renew: | |||
sudo certbot renew --dry-run | |||
===certbot renew errors=== | |||
if you get a bunch of " failed authorization procedure" erros on renew it might be because in the site-name-le-ssl.conf file there are 2 virtual hosts defined. get rid of the <VirtualHost *:80> section | |||
Latest revision as of 16:25, 6 February 2019
The Certbot from the repos is old...there was some security issue that forced them to shut down something that the old version uses to create security certificates so it doesn't work anymore. the following instructions works around all that
sudo apt install letsencrypt
apt-get -t stretch-backports install certbot
sudo apt install python3-certbot-apache
the following is to get the certbot-auto script and get it running
wget https://dl.eff.org/certbot-auto
chmod a+x ./certbot-auto
./certbot-auto
NOTE: not sure if certbot-auto is working..
to add sites manually:
sudo certbot --apache -d example.org -d www.example.org
to test renew:
sudo certbot renew --dry-run
certbot renew errors
if you get a bunch of " failed authorization procedure" erros on renew it might be because in the site-name-le-ssl.conf file there are 2 virtual hosts defined. get rid of the <VirtualHost *:80> section
