Difference between revisions of "SBN - Copying Certs"
Jump to navigation
Jump to search
| Line 20: | Line 20: | ||
#Then ssh back into the proxy server & move the certs into their proper location | #Then ssh back into the proxy server & move the certs into their proper location | ||
#*<code>sudo mv Machine.Domain.TLD /etc/letsencrypt/live/</code> | #*<code>sudo mv Machine.Domain.TLD /etc/letsencrypt/live/</code> | ||
| + | #And tell Apache about the certs | ||
| + | #*<code>sudo vi /etc/apache2/sites-available/default-ssl.conf</code> | ||
| + | |||
| + | SSLCertificateFile /etc/letsencrypt/live/www.tinkernet.ca/fullchain.pem | ||
| + | SSLCertificateKeyFile /etc/letsencrypt/live/www.tinkernet.ca/privkey.pem | ||
Revision as of 11:22, 12 July 2020
To copy certs for a machine from your proxy server (Replace Machine.Domain.TLD with the proper name for your machine...) (&, of course, user & WebServer may need adjusting...)
In this example,
- Machine.Domain.TLD is the full name of the machine you're copying the certs to.
- WebServer is the name of your web/proxy server
- Install certbot on the machine you're putting the certs onto & create the
livedirectory where the certs will live.ssh Machinesudo apt install certbotsudo mkdir /etc/letsencrypt/live
- Sign into your proxy server & make sure you can SSH into the target machine from there.
ssh webserverssh Machine- then exit when you've succeeded (this tells webserver how to get there...)
- Then you can use scp to copy the certs.
sudo scp -r /etc/letsencrypt/live/Machine.Domain.TLD user@Machine:~
- Then ssh back into the proxy server & move the certs into their proper location
sudo mv Machine.Domain.TLD /etc/letsencrypt/live/
- And tell Apache about the certs
sudo vi /etc/apache2/sites-available/default-ssl.conf
SSLCertificateFile /etc/letsencrypt/live/www.tinkernet.ca/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/www.tinkernet.ca/privkey.pem
