This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

Secure Sentora Domains with Let's Encrypt
#12
RE: Secure Sentora Domains with Let's Encrypt
In case you want SSL but still use cloudflare:

https://support.cloudflare.com/hc/en-us/...CloudFlare

As this method would be also interesting for creating SSL certificates without the need to restart apache. The first method will require you stop apache and use the standalone builtin server to validate the certificate.

So in my case let's say I have a user: myuser and domain: mydomain.com. I wish to generate an SSL certificate for www.mydomain.com and mydomain.com as SSL certificates are bind to specific url's.

I can do that in 1 command without restarting apache as let's encrypt client will set a fil in webroot to validate the domain and then generate the SSL certificate ( could work so here behind cloudflare or any reverse proxy).

Code:
./letsencrypt-auto certonly --webroot --webroot-path /var/sentora/hostdata/myuser/public_html/mydomain --renew-by-default --email me@email.com --text --agree-tos -d mydomain.com -d www.mydomain.com

You can even create a shell script that would grab the var myuser and mydomain. Notice the /var/sentora/hostdata/myuser/public_html/mydomain must be the root path for your domain.

In case we want to create an SSL for sentora then all we have to do is changing the root path and domain:

Code:
./letsencrypt-auto certonly --webroot --webroot-path /etc/sentora/panel --renew-by-default --email me@email.com --text --agree-tos -d panel.mydomain.com

Don't forget to restart apache after you validate/renew the certificate.

Also for a all certificates renewal later all you have to do is :

Code:
./letsencrypt renew --dry-run

This will work fine as long you did the pervious method, as let's encrypt client will keep in DB the old certificates root and will try to renew them.

Also if you don't use any more a certificate you can revoke it, so it's no more renewed:


Code:
./letsencrypt-auto revoke --cert-path /etc/letsencrypt/live/mydomain.com/cert.pem
rm -rf /etc/letsencrypt/renewal/mydomain.conf

So you revoke the certificate and remove it from renewal pool. If you want it back you can recreate it.


M B

TGates may be we should update the first how to no?

Please notice you will face issues if your webdomain is not public in case in intranet or URL is requiring authentification or using ip authentification. In case you have IP white-listing or realm all you have to is set public: .well-known/ folder in your website that will fix it. For intranet may be using a reverse proxy will help over that.

Docs: (PDF)
https://media.readthedocs.org/pdf/letsen...ncrypt.pdf
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask

200$ free to start your VPS 60 days credit
Reply
Thanks given by: james_d


Messages In This Thread
RE: Secure Sentora Domains with Let's Encrypt - by Me.B - 05-06-2016, 03:22 AM

Possibly Related Threads…
Thread Author Replies Views Last Post
Secure Sentora With SSLForFree Chris L 1 5 ,324 01-22-2020, 09:19 PM
Last Post: ralphharder
Fail2ban for Sentora (Centos 7) bbspike 14 48 ,694 01-14-2020, 07:32 AM
Last Post: Vedran B
Timeout for Sentora Admin Panel minufreelance 12 48 ,858 11-24-2018, 12:33 PM
Last Post: fearworks

Forum Jump:


Users browsing this thread: 8 Guest(s)