sudo snap install --classic certbot
# sudo apt install certbot
If you installed with snap, the following process may be required
sudo ln -s /snap/bin/certbot /usr/bin/certbot
/etc/apache2/sites-enabled
sites-available
directory, create symbolic link to sites-enables
- Below is a sample Apache http virtual host configuration used as proxy configuration
- You must have apache2 proxy mods to use proxy.
014-yowuwiki-proxy.conf
<VirtualHost *:80> ProxyPreserveHost On ProxyRequests off ProxyPreserveHost On AllowEncodedSlashes NoDecode ProxyPass / http://localhost:3000/nocanon ProxyPassReverse / http://localhost:3000/ ProxyPassReverse / http://wiki.yowu.dev/ ServerName wiki.yowu.dev ErrorLog ${APACHE_LOG_DIR}/yowuwiki/proxy_error.log CustomLog ${APACHE_LOG_DIR}/yowuwiki/proxy_access.log combined </VirtualHost>
/etc/nginx/sites-enabled/
- Below is a sample nginx http virtual host configuration used as proxy configuration
001-wiki.conf
server { listen 80; server_name wiki.d8.company; location/{ root /var/www/html; proxy_pass http://127.0.0.1:3000; proxy_set_header Connection ""; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } gzip on; gzip_comp_level 4; gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript; }
$ sudo certbot --apache # or --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: wiki.yowu.dev
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
http
-> https
rewrite or other options appear, select them clearly*-le-ssl.conf
is created as a symbolic link under /etc/apache2/sites-enables
, and SSL configuration is completed.sudo service apache2 reload
- In the case of nginx, if the following message appears, an additional module is required.
The requested nginx plugin does not appear to be installed
sudo add-apt-repository ppa:certbot/certbot sudo apt install python-certbot-nginx -y # or python3-certbot-nginx
$ sudo certbot renew --dry-run
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/wiki.yowu.dev.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for dev-server.d8.company
Waiting for verification...
Cleaning up challenges
The following certificates were successfully renewed:
/etc/letsencrypt/live/wiki.yowu.dev/fullchain.pem (success)