Certificats Signés via Cerbot et LetsEncrypt

De My Limbic Wiki
Aller à : navigation, rechercher

Installer Cerbot

cd
wget https://dl.eff.org/certbot-auto
sudo mv certbot-auto /usr/local/bin/certbot-auto
sudo chown root /usr/local/bin/certbot-auto
sudo chmod 0755 /usr/local/bin/certbot-auto
/usr/local/bin/certbot-auto --help

Créer les VirtualHosts dans Apache pour la validation Cerbot

sudo vim /etc/apache2/sites-available/sonar.conf

Ajouter:

<VirtualHost *:80>
        ServerName letsencrypt.org
        ServerAlias acme-v02.api.letsencrypt.org
        ServerAdmin contact@letsencrypt.org
        DocumentRoot /var/www/cerbot/
</VirtualHost>
<VirtualHost *:80>
        ServerName sub.domain.com
        ServerAlias sub.domain.com
        ServerAdmin contact@alithya.com
        DocumentRoot /var/www/cerbot/
</VirtualHost>

Redémarrer Apache

#Restart apache
sudo service apache2 restart

Créer le certificat avec Cerbot

cd /usr/local/bin/
sudo mkdir /var/www/cerbot/
sudo ./certbot-auto --debug -v --server https://acme-v02.api.letsencrypt.org/directory certonly --webroot -w /var/www/cerbot/ -d sub.domain.com -d sub.domain.com
#All files are generated here
#/etc/letsencrypt/live/sub.domain.com/

Logs Utiles

#Usefull Logs
journalctl | tail
systemctl status apache2.service
journalctl -xe
tail -f /var/log/apache2/sonarm_access.log
#lets encrypt logs
/var/log/letsencrypt