User Tools
letsencrypt_certbot
This is an old revision of the document!
Table of Contents
Letsencrypt Certbot
Настройка DNS
$ host siteN.mgtu.ru siteN.mgtu.ru has address 195.19.40.42
Установка certbot
ubuntu# snap install --classic certbot debian# apt install certbot #python3-certbot-apache
Проверка по HTTP
C использованием Apache
Создание сайта
vps:~# mkdir /var/www/siteN.mgtu.ru vps:~# cat /var/www/siteN.mgtu.ru/index.html
<h1>siteN.mgtu.ru</h1>
vps:~# cat /etc/apache2/sites-available/siteN.mgtu.ru.conf
<VirtualHost *:80> ServerName siteN.mgtu.ru DocumentRoot /var/www/siteN.mgtu.ru </VirtualHost>
vps:~# a2ensite siteN.mgtu.ru vps:~# apachectl -t vps:~# systemctl reload apache2
Запрос и подтверждение сертификата "вручную"
- Только для обучения, в дальнейшем использовать Запрос и подтверждение сертификата "автоматически"
vps:~# certbot certonly --manual -d siteN.mgtu.ru
Enter email address (used for urgent renewal and security notices) (Enter 'c' to cancel): Enter ... You must agree in order to register with the ACME server. Do you agree? - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - (Y)es/(N)o: Y Account registered. ... Create a file containing just this data: MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM And make it available on your web server at this URL: http://siteN.mgtu.ru/.well-known/acme-challenge/NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN ... Press Enter to Continue
- !!! Оставляем эту и открываем новую консоль !!!
vps:~# mkdir -p /var/www/siteN.mgtu.ru/.well-known/acme-challenge/ vps:~# cat /var/www/siteN.mgtu.ru/.well-known/acme-challenge/NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
$ curl http://siteN.mgtu.ru/.well-known/acme-challenge/NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
- !!! Возвращаемся в предыдущую консоль !!!
... Press Enter to Continue Successfully received certificate. Certificate is saved at: /etc/letsencrypt/live/siteN.mgtu.ru/fullchain.pem Key is saved at: /etc/letsencrypt/live/siteN.mgtu.ru/privkey.pem ...
Настройка SSL для сайта
vps:~# cat /etc/apache2/sites-available/siteN.mgtu.ru.conf
...
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName siteN.mgtu.ru
DocumentRoot /home/val/siteN.mgtu
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/siteN.mgtu.ru/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/siteN.mgtu.ru/privkey.pem
</VirtualHost>
</IfModule>
vps:~# apachectl -t vps:~# systemctl reload apache2
Продление сертификата "вручную"
vps:~# certbot certonly --manual -d siteN.mgtu.ru
Renewing an existing certificate for siteN.mgtu.ru - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Create a file containing just this data: MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM And make it available on your web server at this URL: http://siteN.mgtu.ru/.well-known/acme-challenge/NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Press Enter to Continue
val@val:~$ vim siteN.mgtu/.well-known/acme-challenge/NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
$ ###curl http://siteN.mgtu.ru/.well-known/acme-challenge/NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN vps:~# service apache2 reload
Запрос и подтверждение сертификата "автоматически"
vps:~# apt install python3-certbot-apache vps:~# certbot --apache -d siteN.mgtu.ru ... vps:~# less /etc/apache2/sites-available/siteN.mgtu.ru-le-ssl.conf vps:~# less /etc/apache2/sites-available/siteN.mgtu.ru.conf vps:~# ls -l /etc/apache2/sites-enabled/ vps:~# less /etc/letsencrypt/renewal/siteN.mgtu.ru.conf $ curl https://siteN.mgtu.ru -v $ curl http://siteN.mgtu.ru -v vps:~# systemctl show certbot.timer vps:~# systemctl show certbot.service vps:~# tail /var/log/letsencrypt/letsencrypt.log
letsencrypt_certbot.1764174275.txt.gz · Last modified: 2025/11/26 19:24 by val
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
