Free SSL for web, easy way !
I want say very short steps to make you page secure SSL with "Let's Encrypt"
Free-SSL
Our case, we consider a server where we have ssh access, and we can modify configuration files from apache and restart services.
First step, install certbot.
yum install certbot
Second, request key for you webpage:
certbot certonly --webroot -w /var/www/html/roundcubemail/ -d webmail.your-domain.com
If you run for the first time here, you will get some questions:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v01.api.letsencrypt.org/directory
(A)gree/(C)ancel: A
Next step you will get the key !
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/webmail.your-domain.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/webmail.your-domain.com/privkey.pem
Your cert will expire on 2018-10-07. To obtain a new or tweaked
version of this certificate in the future, simply run certbot
again. To non-interactively renew all of your certificates, run
"certbot renew" - Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
Final step create you own VHOST config in web server.
webmail
<VirtualHost 192.168.0.1:443>
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/webmail.your-domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/webmail.your-domain.com/privkey.pem
ServerAdmin [email protected]
ServerName webmail.your-domain.com
DocumentRoot /var/www/html/roundcubemail
CustomLog /var/log/httpd/webmailssl_access.log common
ErrorLog /var/log/httpd/webmailssl_error.log
</VirtualHost>
and restart you apache server: systemctl restart httpd
Posted from my blog with SteemPress : http://blog.ceae.info/free-ssl-for-web-easy-way/
Mama mia @luciancovaci
Asta e ca si cum as pune in fata o partitura plina cu furnici, neagra si trebuie citita la prima-vista :-)
Cool blog dar putin strain de mine acesti termeni/site-uri
Felicitari oricum pentru crearea acestui material informativ si ma gandesc ca si foarte necesar pentru cei ce inteleg limbajul
Am sa cresc si eu mai mare :-) sa pricep lumea aceasta
O seara/zi faina @luciancovaci
Salut,
Aici sunt mai mult informatii tehnice pentru cei care stiu sa administreze un server Linux prin ssh.
Pasii sunt simpli astfel încat sa ajungi la ce te intereseaza cat mai usor fara sa te complici !
Multumesc pentru comentariu ! O zi frumoasa !
You got a 2.07% upvote from @oceanwhale With 35+ Bonus Upvotes courtesy of @luciancovaci! Delegate us Steem Power & get 100%daily rewards Payout! 20 SP, 50, 75, 100, 150, 200, 300, 500,1000 or Fill in any amount of SP Earn 1.25 SBD Per 1000 SP | Discord server