sudo snap install --classic certbot
# sudo apt install certbot
snap 으로 설치 했다면 다음 과정이 필요할 수 있음
sudo ln -s /snap/bin/certbot /usr/bin/certbot
/etc/apache2/sites-enabled
sites-available
디렉토리에 설정을 만들고, sites-enables
로 심볼릭 링크를 생성함
- 아래는 proxy 설정으로 사용하는 아파치 http virtual host 설정 샘플
- proxy 를 사용하려면 apache2 proxy mods 가 있어야한다.
014-yowuwiki-proxy.conf
<VirtualHost *:80> ProxyPreserveHost On ProxyRequests off ProxyPreserveHost On AllowEncodedSlashes NoDecode ProxyPass / http://localhost:3000/ nocanon ProxyPassReverse / http://localhost:3000/ ProxyPassReverse / http://wiki.yowu.dev/ ServerName wiki.yowu.dev ErrorLog ${APACHE_LOG_DIR}/yowuwiki/proxy_error.log CustomLog ${APACHE_LOG_DIR}/yowuwiki/proxy_access.log combined </VirtualHost>
/etc/nginx/sites-enabled/
- 아래는 proxy 설정으로 사용하는 nginx http virtual host 설정 샘플
001-wiki.conf
server { listen 80; server_name wiki.d8.company; location / { root /var/www/html; proxy_pass http://127.0.0.1:3000; proxy_set_header Connection ""; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } gzip on; gzip_comp_level 4; gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript; }
$ sudo certbot --apache # or --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: wiki.yowu.dev
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
http
-> https
rewrite 라던지 기타 등등 선택 옵션이 나오는데 알잘딱으로 선택/etc/apache2/sites-enables
하위에 *-le-ssl.conf
가 심볼릭 링크로 생성되고, SSL 설정이 마무리됨sudo service apache2 reload
- nginx 의 경우 아래와 같은 메시지가 뜬다면 추가 모듈이 필요하다.
The requested nginx plugin does not appear to be installed
sudo add-apt-repository ppa:certbot/certbot sudo apt install python-certbot-nginx -y # or python3-certbot-nginx
$ sudo certbot renew --dry-run
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/wiki.yowu.dev.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for dev-server.d8.company
Waiting for verification...
Cleaning up challenges
The following certs were successfully renewed:
/etc/letsencrypt/live/wiki.yowu.dev/fullchain.pem (success)