User Tools

Site Tools


ssl

This is an old revision of the document!


Lets Encrypt SSL

Apache

Set up the following directory structure (look at the others there as an example):

$ sudo tree -a /var/www/well-known
/var/www/well-known
+-- example.com
    \-- .well-known -> .

For your regular HTTP site (non-SSL) add the following to your <VirtualHost/> block:

Include /etc/apache2/conf-available/well-known.conf

Now reload Apache for your configuration to take effect.

Finally run:

sudo certbot certonly --webroot -w /var/www/well-known/coremem.com -d example.com -d www.example.com

'N.B.' you can add append many more sub-domains on there if you want to use use multiple domains in the same certificate, though you might have to play with mod_rewrite in /etc/apache2/conf-available/well-known.conf to line things up.

Now go back to your Apache configuration section and add a new <VirtualHost/> block for your domain but create your HTTPS section and insert the following lines into it:

SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem
Include /etc/letsencrypt/options-ssl-apache.conf

Finally, do one last reload and you should have a secure site.

ssl.1465489831.txt.gz · Last modified: 2016/06/09 16:30 by alex