Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
linux:certbot:deep [2018/01/22 19:57]
admin [Second method]
linux:certbot:deep [2020/03/27 12:46] (current)
admin
Line 14: Line 14:
        
 =====Second method===== =====Second method=====
-  ​1. You create some dir /​var/​www/​I/​like/​it/​here+1. You create some dir /​var/​www/​I/​like/​it/​here
   ​   ​
-  ​2. Add to your website or many websites an exception +2. Add to your website or many websites an exception 
-     ​Nginx   + 
-     ​<​code>​ +Nginx   
-        location /​.well-known { +<​code>​ 
-        ​alias ​/​var/​www/​I/​like/​it/​here/​.well-known+  location /​.well-known { 
-      +     root /​var/​www/​I/​like/​it/​here/;​ 
-      </​code>​ +
-       +</​code>​ 
-      Apache2: +Be careful, nginx appends the location itself. Here it adds .well-known to the /​i/​like/​it/​here/​. 
-      <​code> ​       ​+ 
 +Apache2: 
 +<​code> ​       ​
           alias "/​.well-known"​ /​var/​www/​letsencrypt/​.well-known           alias "/​.well-known"​ /​var/​www/​letsencrypt/​.well-known
           ​           ​
Line 34: Line 36:
  
  
-      ​</​code>​+</​code>​
  
         ​         ​
-  ​3. When you call certbot with webroot parameter +3. When you call certbot with webroot parameter 
-      certbot certonly --webroot ​ -d novyweb.starlab.cz +     ​certbot certonly --webroot ​ -d novyweb.starlab.cz ​-w /​var/​www/​letsencrypt/​ 
-      here is the HTTP GET code what the remote server asks for:+here is the HTTP GET code what the remote server asks for:
                    
 <​code>​ <​code>​
Line 50: Line 52:
 </​code>​ </​code>​
  
-   4. And renew is easy allways the same +4. And renew is easy allways the same 
-      certbot renew --webroot -w /​var/​www/​I/​like/​it/​here+    certbot renew --webroot -w /​var/​www/​I/​like/​it/​here
       ​       ​
       ​       ​
 +===== DNS auth =====
 +    /​usr/​src/​certbot-auto certonly --manual --preferred-challenges=dns --email firma@example.cz -d example.com -d *.example.com
 +
 +      ​
 +===== Be careful with wsgi proxy ======
 +Proxy goes first then aliases. You have to create an exeption for .well-known.
 +Showing just apache2 config line
 +     ​ProxyPass /​.well-known !
 +     
 +     
 ===== Nice source ===== ===== Nice source =====
     * https://​gist.github.com/​cecilemuller/​a26737699a7e70a7093d4dc115915de8     * https://​gist.github.com/​cecilemuller/​a26737699a7e70a7093d4dc115915de8
  
 
linux/certbot/deep.1516647435.txt.gz · Last modified: 2018/01/22 19:57 by admin