- [Show page]
- [Old revisions]
- [[unknown link type]]
- []
Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
doc:cert [2016/12/20 17:11] tomsa |
doc:cert [2016/12/20 17:30] (current) tomsa [Let's Encrypt] |
||
---|---|---|---|
Line 195: | Line 195: | ||
+ | Certifikaty jsou platne jen po omezenou dobu. | ||
+ | Pote je potreba je obnovit. Na to slouzi zase program certbot-auto: | ||
+ | <code> | ||
+ | certbot-auto renew --standalone --pre-hook="service nginx stop" --post-hook="service nginx start" | ||
+ | </code> | ||
+ | |||
+ | |||
+ | Cele obnovovani se da dat do cronu: | ||
+ | <code> | ||
+ | vim /etc/cron.d/letsencrypt | ||
+ | </code> | ||
+ | |||
+ | A dane obnovovani poustet treba jednou mesicne: | ||
+ | <code> | ||
+ | #!/bin/bash | ||
+ | 0 4 5 * * root /usr/local/sbin/certbot-auto renew --standalone --pre-hook="service nginx stop" --post-hook="service nginx start" > /dev/null 2>&1 | ||
+ | </code> | ||
+ | |||
+ | |||
+ | ===nginx=== | ||
+ | Do nginx pridat certifikaty nasledovne: | ||
+ | |||
+ | <code> | ||
+ | ssl_certificate /etc/letsencrypt/live/goox.cz/cert.pem; | ||
+ | ssl_certificate_key /etc/letsencrypt/live/goox.cz/privkey.pem; | ||
+ | |||
+ | </code> |
doc/cert.1482250297.txt.gz · Last modified: 2016/12/20 17:11 by tomsa