Differences

This shows you the differences between two versions of the page.

--- letsencrypt_certbot [2023/09/11 11:29]
val created
+++ letsencrypt_certbot [2024/05/03 12:37] (current)
val [Запрос сертификата]
@@ Line 1: / Line 1: @@
 ====== Letsencrypt Certbot ======
+  * [[https://letsencrypt.org/ru/getting-started/|Приступая к работе]]
+  * [[https://certbot.eff.org/|Certbot]]
+===== Настройка DNS =====
+<code>
+$ host host2.mgtu.ru
+host2.mgtu.ru has address 195.19.40.152
+</code>
+===== Создание сайта =====
+<code>
+val@val:~$ mkdir host1.mgtu
+val@val:~$ cat host1.mgtu/index.html
+</code><code>
+<h1>host1.mgtu.ru</h1>
+</code><code>
+root@val:~# cat /etc/apache2/sites-available/host1.mgtu.ru.conf
+</code><code>
+<VirtualHost *:80>
+  ServerName host1.mgtu.ru
+  DocumentRoot /home/val/host1.mgtu
+  <Directory /home/val/host1.mgtu>
+    Require all granted
+  </Directory>
+</VirtualHost>
+</code><code>
+root@val:~# a2ensite host1.mgtu.ru
+root@val:~# systemctl reload apache2
+</code>
+  * http://host1.mgtu.ru
+===== Запрос сертификата =====
+<code>
+ubuntu# snap install --classic certbot
+debian# apt install certbot python3-certbot-apache
+root@val:~# certbot certonly --manual -d host1.mgtu.ru
+</code><code>
+Enter email address (used for urgent renewal and security notices)
+ (Enter 'c' to cancel): val@bmstu.ru
+...
+Create a file containing just this data:
+MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
+And make it available on your web server at this URL:
+http://val.mgtu.ru/.well-known/acme-challenge/NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
+...
+Press Enter to Continue
+...
+</code><code>
+val@val:~$ mkdir -p host1.mgtu/.well-known/acme-challenge/
+val@val:~$ cat host1.mgtu/.well-known/acme-challenge/NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
+</code><code>
+MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
+</code><code>
+val@val:~$ ###curl http://host1.mgtu.ru/.well-known/acme-challenge/NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
+</code><code>
+...
+Press Enter to Continue
+Successfully received certificate.
+Certificate is saved at: /etc/letsencrypt/live/host1.mgtu.ru/fullchain.pem
+Key is saved at:         /etc/letsencrypt/live/host1.mgtu.ru/privkey.pem
+...
+</code>
+===== Настройка SSL для сайта =====
+<code>
+root@val:~# cat /etc/apache2/sites-available/host1.mgtu.ru.conf
+</code><code>
+...
+<IfModule mod_ssl.c>
+  <VirtualHost *:443>
+  ServerName host1.mgtu.ru
+  DocumentRoot /home/val/host1.mgtu
+  <Directory /home/val/host1.mgtu>
+    Require all granted
+  </Directory>
+    SSLEngine on
+    SSLCertificateFile /etc/letsencrypt/live/host1.mgtu.ru/fullchain.pem
+    SSLCertificateKeyFile /etc/letsencrypt/live/host1.mgtu.ru/privkey.pem
+</VirtualHost>
+</code><code>
+root@val:~# apachectl -t
+root@val:~# systemctl reload apache2
+</code>
+  * https://host1.mgtu.ru
+===== Продление сертификата =====
+<code>
+root@val:~# certbot certonly --manual -d host1.mgtu.ru
+</code><code>
+Renewing an existing certificate for host1.mgtu.ru
+- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+Create a file containing just this data:
+MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
+And make it available on your web server at this URL:
+http://host1.mgtu.ru/.well-known/acme-challenge/NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
+- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+Press Enter to Continue
+</code><code>
+val@val:~$ vim host1.mgtu/.well-known/acme-challenge/NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
+</code><code>
+MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
+</code><code>
+val@val:~$ ###curl http://host1.mgtu.ru/.well-known/acme-challenge/NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
+root@val:~# service apache2 reload
+</code>

Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Differences

Page Tools