Certificats Signés via Cerbot et LetsEncrypt
Installer Cerbot
<source lang="shell"> cd wget https://dl.eff.org/certbot-auto sudo mv certbot-auto /usr/local/bin/certbot-auto sudo chown root /usr/local/bin/certbot-auto sudo chmod 0755 /usr/local/bin/certbot-auto /usr/local/bin/certbot-auto --help </source>
Créer les VirtualHosts dans Apache pour la validation Cerbot
<source lang="shell"> sudo vim /etc/apache2/sites-available/sonar.conf </source>
Ajouter:
<source lang="shell"> <VirtualHost *:80>
ServerName letsencrypt.org ServerAlias acme-v02.api.letsencrypt.org ServerAdmin contact@letsencrypt.org DocumentRoot /var/www/cerbot/
</VirtualHost> <VirtualHost *:80>
ServerName sub.domain.com ServerAlias sub.domain.com ServerAdmin contact@alithya.com DocumentRoot /var/www/cerbot/
</VirtualHost> </source>
Redémarrer Apache <source lang="shell">
- Restart apache
sudo service apache2 restart </source>
Créer le certificat avec Cerbot
<source lang="shell"> cd /usr/local/bin/ sudo mkdir /var/www/cerbot/ sudo ./certbot-auto --debug -v --server https://acme-v02.api.letsencrypt.org/directory certonly --webroot -w /var/www/cerbot/ -d sub.domain.com -d sub.domain.com
- All files are generated here
- /etc/letsencrypt/live/sub.domain.com/
</source>
Logs Utiles
<source lang="shell">
- Usefull Logs
journalctl | tail systemctl status apache2.service journalctl -xe tail -f /var/log/apache2/sonarm_access.log
- lets encrypt logs
/var/log/letsencrypt </source>