Golfreeze.packetlove.com: Life style of Golfreeze Canon400D Family kammtan.com Jazz Freebsd Unix Linux System Admin guitar Music

All about unix linux freebsd and FAQ for Packetlove.com Web hosting , Mail hosting , VoIP + IP PBX server => All Security via cyber space relate golfreeze task. => Topic started by: golfreeze on ตุลาคม 14, 2019, 06:35:23 PM

Title: let encrypt ssl on centos7 and how to renew every 3 month.
Post by: golfreeze on ตุลาคม 14, 2019, 06:35:23 PM: ==install letencrypt
yum install certbot python2-certbot-nginx
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload

===Obtaining a certificate for dev.packetlove.com
certbot --nginx -d dev.packetlove.com

===Renewing a certificate
certbot renew --dry-run
certbot renew
nginx -s reload

===vi /etc/cron.daily/letsencrypt-renew
#!/bin/sh
if certbot renew > /var/log/letsencrypt/renew.log 2>&1 ; then
nginx -s reload
fi
exit

===chown
chmod +x /etc/cron.daily/letsencrypt-renew

===crontab -e
01 02,14 * * * /etc/cron.daily/letsencrypt-renew

===analyse ssl
https://www.ssllabs.com/ssltest/analyze.html?d=dev.packetlove.com

Powered by SMF 2.0.11 | SMF © 2006-2009, Simple Machines LLC
SMFAds for Free Forums