Certbot with Apache

Revision as of 21:44, 29 December 2019 by Root

The environment for the following examples is CentOS 7 and Apache.

Simple Command Example (Interactive): certbot --apache

Simple Command Example (Automated): certbot certonly --webroot --webroot-path /var/www/html/WhatEverPath -d WhatEverWebSite

Both of the above examples will do the following:

  • Modify the /etc/httpd/conf/httpd.conf file by adding several "Rewrite" directives to the VirtualHost section for the web site:
RewriteEngine on
RewriteCond %{SERVER_NAME} =WhatEverWebSiteName [OR]
RewriteCond %{SERVER_NAME} =WhatEverWebSiteName
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
  • Add an Include for the SSL virtual host file:

Include /etc/httpd/conf/httpd-le-ssl.conf

<IfModule mod_ssl.c>
<VirtualHost *:443>
     DocumentRoot /var/www/html/WhatEverWebSite
     ServerName WhatEverWebSite
     CustomLog "logs/WhatEverWebSite/www.Access.LOG" combinedio

     <Directory "/var/www/html/WhatEverWebSite">
          AllowOverride ALL
          Require all granted
     </Directory>

     ServerAlias WhatEverWebSite
     # Certificate and private key from the Let's Encrypt "live" directory for this site
     SSLCertificateFile /etc/letsencrypt/live/WhatEverWebSite/cert.pem
     SSLCertificateKeyFile /etc/letsencrypt/live/WhatEverWebSite/privkey.pem
     # TLS protocol and cipher settings shipped with Certbot
     Include /etc/letsencrypt/options-ssl-apache.conf
     # Intermediate certificate chain sent to clients along with cert.pem
     SSLCertificateChainFile /etc/letsencrypt/live/WhatEverWebSite/chain.pem
</VirtualHost>
</IfModule>

No changes were made to the /etc/httpd/conf.d/ssl.conf file.
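
One way to check the result of the changes listed above, added here as an example (it is not part of the original page and is not Certbot's own code): the hypothetical Python helper audit() reads Apache configuration text and reports a port-80 VirtualHost without the permanent HTTPS redirect, and a port-443 VirtualHost whose certificate, key and chain files are not all from one /etc/letsencrypt/live/ directory or that lacks the options-ssl-apache.conf Include. It assumes the cert.pem, privkey.pem and chain.pem layout shown on this page; SAMPLE is constructed.

```python
import re

# Constructed sample with the page's placeholder name; the chain file points at a
# hypothetical second lineage (OtherSite). Assumes the page's cert/key/chain layout.
SAMPLE = """\
<VirtualHost *:80>
    ServerName WhatEverWebSite
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
    ServerName WhatEverWebSite
    SSLCertificateFile /etc/letsencrypt/live/WhatEverWebSite/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/WhatEverWebSite/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateChainFile /etc/letsencrypt/live/OtherSite/chain.pem
</VirtualHost>
"""
VHOST = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)
LIVE = r"/etc/letsencrypt/live/[^/]+/"
EXPECTED = {"sslcertificatefile": "cert.pem", "sslcertificatekeyfile": "privkey.pem",
            "sslcertificatechainfile": "chain.pem"}

def directives(body):  # {lower-cased directive name: [argument strings]} for one vhost
    found = {}
    for line in body.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2 and parts[0][0] not in "#<":
            found.setdefault(parts[0].lower(), []).append(parts[1].strip().strip('"'))
    return found

def audit(conf_text):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    for addr, body in VHOST.findall(conf_text):
        d, port = directives(body), addr.strip().rsplit(":", 1)[-1]
        site = f"{d.get('servername', ['?'])[0]}:{port}"
        rules = d.get("rewriterule", [])
        if port == "80" and not any("https://" in r and "R=permanent" in r for r in rules):
            findings.append(f"{site}: no permanent redirect to https")
        if port == "443":
            paths = {n: d.get(n, [""])[0] for n in EXPECTED}
            bad = [n for n, p in paths.items()
                   if not re.fullmatch(LIVE + re.escape(EXPECTED[n]), p)]
            findings += [f"{site}: {n} is not live/<lineage>/{EXPECTED[n]}" for n in bad]
            lineages = sorted({p.split("/")[4] for n, p in paths.items() if n not in bad})
            if len(lineages) > 1:
                findings.append(f"{site}: certificate files mix lineages {lineages}")
            if not any(i.endswith("/options-ssl-apache.conf") for i in d.get("include", [])):
                findings.append(f"{site}: options-ssl-apache.conf is not included")
    return findings
```

Calling audit(SAMPLE) returns one finding for the mixed lineage; on a real host, pass it the combined text of httpd.conf and httpd-le-ssl.conf.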

Final Thought: The CERTBOT application is thorough in the way it scans the httpd.conf and associated files. It caught a couple of missing quotation marks that HTTPD let slide.