BL๐Ÿ…พG News


Actu G33k & admin stuff.

โ‹… Aucun commentaire

letsencrypt devient certbot

alt

Site officielย : https://certbot.eff.org/

Simplement mettre ร  jour les paquets letsencrypt et python-letsencrypt depuis les dรฉpรดt backports de Debian.


$  apt -t jessie-backports install python-certbot certbot  python-psutil 

La commande letsencrypt sera toujours disponible mais pointera sur certbot.

sourceย : https://blog.karolak.fr



โ‹… Aucun commentaire

How to Simply renewal SSL certificate with letsencrypt

ssl

Install letsencrypt first :p


$  cd /opt
$  git clone https://github.com/certbot/certbot.git 



Before anything need to stop Apache2 service and let's make the magic...


$  /etc/init.d/apache2 stop
$ ./certbot-auto renew

-------------------------------------------------------------------------------
Processing /etc/letsencrypt/renewal/public.echosystem.fr.conf
-------------------------------------------------------------------------------
Cert is due for renewal, auto-renewing...
Starting new HTTPS connection (1): acme-staging.api.letsencrypt.org
Renewing an existing certificate
Performing the following challenges:
tls-sni-01 challenge for public.echosystem.fr
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/0156_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/0156_csr-certbot.pem

The following certs were successfully renewed:
  /etc/letsencrypt/live/rss.echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/wiki.echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/gitlab.echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/error.echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/tools.echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/pastebin.echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/contact.echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/netdata.echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/irc-log.echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/links.echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/gk.echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/fm.echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/blog.echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/snippet.echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/social.echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/echosystem.fr/fullchain.pem (success)
  /etc/letsencrypt/live/public.echosystem.fr/fullchain.pem (success)



and renable Apache
#  /etc/init.d/apache2 start



alt

Then put in a crontab and you can forget this task ;)

by ๐Ÿ…ด๐Ÿ†๐Ÿ†๐Ÿ…ด๐Ÿ†„๐Ÿ†32
Hosted on
๐Ÿ…ด๐Ÿ…ฒ๐Ÿ…ท๐Ÿ…พ๐Ÿ†‚๐Ÿ†ˆ๐Ÿ†‚๐Ÿ†ƒ๐Ÿ…ด๐Ÿ…ผ