Differences

This shows you the differences between two versions of the page.

--- letsencrypt [2018/09/20 18:50]
k2patel [configuration for certificate request / location]
+++ letsencrypt [2018/09/25 14:44]
k2patel
@@ Line 6: / Line 6: @@
 But there is catch, You have to renew your certificated Often.\\
 Since they provided tool to do so, i don't think there is problem at all.\\
+One thing, i've noticed that on AWS, some how authentication using the webroot method fails.\\
+So i had to use http method, which works perfectly fine.\\
+But, renewal works without any issue using webroot.\\
 First install command line API tool.
@@ Line 56: / Line 60: @@
 </code>
+SSL Configuration
+<code conf ssl.conf>
+    ssl on;
+    ssl_certificate_key /etc/letsencrypt/live/fqdn.testdomain.com/privkey.pem;
+    ssl_certificate /etc/letsencrypt/live/fqdn.testdomain.com/fullchain.pem;
+    ssl_trusted_certificate /etc/letsencrypt/live/fqdn.testdomain.com/fullchain.pem;
+</code>
+==== Apache Configuration ====
+So each domain only need to redirect to HTTPS if URL requested is from acme.
+<code conf domain.conf>
+        RewriteEngine On
+        RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
+        RewriteCond %{HTTPS} off
+        RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=302]
+</code>
+SSL configuration
+<code conf ssl.conf>
+        SSLEngine on
+        SSLCertificateFile      "/etc/letsencrypt/live/fqdn.testdomain.com/cert.pem"
+        SSLCertificateKeyFile   "/etc/letsencrypt/live/fqdn.testdomain.com/privkey.pem"
+        SSLCACertificatePath    "/etc/letsencrypt/live/fqdn.testdomain.com/"
+        SSLCertificateChainFile "/etc/letsencrypt/live/fqdn.testdomain.com/fullchain.pem"
+</code>
 ==== Cron setup ====
 Now i have script which run every 11 week.

Daily *Nix

User Tools

Site Tools

Differences

Page Tools