FOR APACHE
$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-apache
sudo certbot --apache -d cloud.xyz.com
If this gave an error like below:
Performing the following challenges:
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.
Then give the below command and it works.
# certbot --authenticator standalone --installer apache --pre-hook "apachectl -k stop" --post-hook "apachectl -k start"
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer apache
No names were found in your configuration files. Please enter in your domain
name(s) (comma and/or space separated) (Enter 'c' to cancel): cloud.xyz.com
Running pre-hook command: apachectl -k stop
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for cloud.xyz.com
Waiting for verification...
Cleaning up challenges
Running post-hook command: apachectl -k start
Created an SSL vhost at /etc/apache2/sites-available/000-default-le-ssl.conf
Deploying Certificate for cloud.xyz.com to VirtualHost /etc/apache2/sites-available/000-default-le-ssl.conf
Enabling available site: /etc/apache2/sites-available/000-default-le-ssl.conf
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
-------------------------------------------------------------------------------
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
-------------------------------------------------------------------------------
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Redirecting vhost in /etc/apache2/sites-enabled/000-default.conf to ssl vhost in /etc/apache2/sites-available/000-default-le-ssl.conf
-------------------------------------------------------------------------------
Congratulations! You have successfully enabled https://cloud.xyz.com
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=cloud.xyz.com
-------------------------------------------------------------------------------
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/cloud.xyz.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/cloud.xyz.com/privkey.pem
Your cert will expire on 2018-04-30. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF:
FOR NGINX
$ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-nginxsudo certbot --nginx -d "cloud.xyz.com"
Rest of the details are same as the above.
FOR Renew the Cert
sudo certbot certificates # for listing all
sudo certbot renew --dry-run --cert-name cloud.xyz.com
if it is ok, then
sudo certbot renew --cert-name cloud.xyz.com
Comments