Apache:Creazione di un certificato SSL per Apache con Certbot

Versione del 23 apr 2020 alle 20:49 di Andrea (discussione | contributi) (Creata pagina con "← Torna ad Apache| == Apache on Debian 8 (jessie) == Estratto da : https://certbot.eff.org/lets-encrypt/debianjessie-apache ==== 1. Remove packaged...")
(diff) ← Versione meno recente | Versione attuale (diff) | Versione più recente → (diff)

← Torna ad Apache|

Apache on Debian 8 (jessie)

Estratto da : https://certbot.eff.org/lets-encrypt/debianjessie-apache

1. Remove packaged Certbot installation

We previously recommended that Debian 8 (jessie) users install Certbot from the packaged version. Because of important updates in the Certbot code, we are now recommending that Debian 8 users switch to the certbot-auto method, described below.

Run this command on the command line on the machine to remove previous installations of Certbot. If Certbot has never been installed, the command will not do anything.

sudo apt-get remove certbot

2. Install Certbot

Run these commands on the command line on the machine to install Certbot.

wget https://dl.eff.org/certbot-auto
sudo mv certbot-auto /usr/local/bin/certbot-auto
sudo chown root /usr/local/bin/certbot-auto
sudo chmod 0755 /usr/local/bin/certbot-auto

3. Choose how you'd like to run Certbot

Either get and install your certificates...

Run this command to get a certificate and have Certbot edit your Apache configuration automatically to serve it, turning on HTTPS access in a single step.

sudo /usr/local/bin/certbot-auto --apache

chiede:

  • l'indirizzo email di supporto
  • se abilitare il redirect automatico di ogni pagina da HTTP a HTTPS

Or, just get a certificate

If you're feeling more conservative and would like to make the changes to your Apache configuration by hand, run this command: sudo /usr/local/bin/certbot-auto certonly --apache

4. Set up automatic renewal

We recommend running the following line, which will add a cron job to the default crontab.

echo "0 0,12 * * * root python -c 'import random; import time; time.sleep(random.random() * 3600)' && /usr/local/bin/certbot-auto renew -q" | sudo tee -a /etc/crontab > /dev/null

5. Confirm that Certbot worked

To confirm that your site is set up properly, visit https://yourwebsite.com/ in your browser and look for the lock icon in the URL bar. If you want to check that you have the top-of-the-line installation, you can head to https://www.ssllabs.com/ssltest/.