tips:ssl

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
Next revisionBoth sides next revision
tips:ssl [2019/02/22 14:46] – [acme.sh integration for letsencrypt] scipiotips:ssl [2020/04/28 07:31] – [nginx] scipio
Line 17: Line 17:
 </code> </code>
  
 +wildchart
 +<code>
 +certbot certonly \
 + --manual \
 + --preferred-challenges=dns \
 + --email stefano.scipioni@csgalileo.org \
 + --server https://acme-v02.api.letsencrypt.org/directory \
 + --agree-tos -d *.iotaiuto.it
 +</code>
 +==== nginx ====
  
 +<file>
 +server {
 +  listen 80;
 +  server_name nextcloud.csgalileo.org;
 +  server_tokens off;
  
 +  location /.well-known/acme-challenge {
 +    root /var/www;
 +    allow all;
 +  }
 +
 +  location / {
 +    return 301 https://$server_name$request_uri;
 +  }
 +}
 +
 +
 +
 +server {
 +    listen 443;
 +    server_name nnextcloud.csgalileo.org;
 +    
 +    ssl_certificate /etc/letsencrypt/live/nextcloud.csgalileo.org/fullchain.pem;
 +    ssl_certificate_key /etc/letsencrypt/live/nextcloud.csgalileo.org/privkey.pem;
 +  
 +}
 +</file>
 +
 +renew
 +<code>
 +certbot renew [--dry-run]
 +</code>
 +
 +automatic renew
 +<code>
 +systemctl status certbot.service
 +</code>
 +
 +/etc/letsencrypt/cli.ini
 +<code>
 +max-log-backups = 0
 +deploy-hook = systemctl reload nginx
 +</code>
 ===== acme.sh integration for letsencrypt ===== ===== acme.sh integration for letsencrypt =====
  
  • tips/ssl.txt
  • Last modified: 2022/06/22 07:15
  • by sscipioni