This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

Secure Sentora Domains with Let's Encrypt
#13
RE: Secure Sentora Domains with Let's Encrypt
(05-06-2016, 03:22 AM)Me.B Wrote: In case you want SSL but still use cloudflare:

https://support.cloudflare.com/hc/en-us/...CloudFlare

As this method would be also interesting for creating SSL certificates without the need to restart apache. The first method will require you stop apache and use the standalone builtin server to validate the certificate.

So in my case let's say I have a user: myuser and domain: mydomain.com. I wish to generate an SSL certificate for www.mydomain.com and mydomain.com as SSL certificates are bind to specific url's.

I can do that in 1 command without restarting apache as let's encrypt client will set a fil in webroot to validate the domain and then generate the SSL certificate ( could work so here behind cloudflare or any reverse proxy).

Code:
./letsencrypt-auto certonly --webroot --webroot-path /var/sentora/hostdata/myuser/public_html/mydomain --renew-by-default --email me@email.com --text --agree-tos -d mydomain.com -d www.mydomain.com

You can even create a shell script that would grab the var myuser and mydomain. Notice the /var/sentora/hostdata/myuser/public_html/mydomain must be the root path for your domain.

In case we want to create an SSL for sentora then all we have to do is changing the root path and domain:

Code:
./letsencrypt-auto certonly --webroot --webroot-path /etc/sentora/panel --renew-by-default --email me@email.com --text --agree-tos -d panel.mydomain.com

Don't forget to restart apache after you validate/renew the certificate.

Also for a all certificates renewal later all you have to do is :

Code:
./letsencrypt renew --dry-run

This will work fine as long you did the pervious method, as let's encrypt client will keep in DB the old certificates root and will try to renew them.

Also if you don't use any more a certificate you can revoke it, so it's no more renewed:


Code:
./letsencrypt-auto revoke --cert-path /etc/letsencrypt/live/mydomain.com/cert.pem
rm -rf /etc/letsencrypt/renewal/mydomain.conf

So you revoke the certificate and remove it from renewal pool. If you want it back you can recreate it.


M B

@[TGates] may be we should update the first how to no?

Please notice you will face issues if your webdomain is not public in case in intranet or URL is requiring authentification or using ip authentification. In case you have IP white-listing or realm all you have to is set public: .well-known/ folder in your website that will fix it. For intranet may be using a reverse proxy will help over that.

Docs: (PDF)
https://media.readthedocs.org/pdf/letsen...ncrypt.pdf

Is your how-to cloudflare specific or will it work on all domains? If cloudflare, then make another How-To but for cloudflare Wink
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Reply
Thanks given by:


Messages In This Thread
RE: Secure Sentora Domains with Let's Encrypt - by TGates - 05-07-2016, 02:56 AM

Possibly Related Threads…
Thread Author Replies Views Last Post
Secure Sentora With SSLForFree Chris L 1 4 ,623 01-22-2020, 09:19 PM
Last Post: ralphharder
Fail2ban for Sentora (Centos 7) bbspike 14 44 ,501 01-14-2020, 07:32 AM
Last Post: Vedran B
Timeout for Sentora Admin Panel minufreelance 12 44 ,996 11-24-2018, 12:33 PM
Last Post: fearworks

Forum Jump:


Users browsing this thread: 1 Guest(s)