Difference between revisions of "SBN - Copying Certs"
Jump to navigation
Jump to search
| Line 23: | Line 23: | ||
#*<code>sudo vi /etc/apache2/sites-available/default-ssl.conf</code> | #*<code>sudo vi /etc/apache2/sites-available/default-ssl.conf</code> | ||
| − | SSLCertificateFile /etc/letsencrypt/live/ | + | SSLCertificateFile /etc/letsencrypt/live/<code>Machine.Domain.TLD</code>/fullchain.pem |
| − | SSLCertificateKeyFile /etc/letsencrypt/live/ | + | SSLCertificateKeyFile /etc/letsencrypt/live/<code>Machine.Domain.TLD</code>/privkey.pem |
Restart Apache: | Restart Apache: | ||
| − | * <code>sudo systemctl restart apache2</code> | + | *<code>sudo systemctl restart apache2</code> |
Revision as of 13:12, 12 July 2020
To copy certs for a machine from your proxy server (Replace Machine.Domain.TLD with the proper name for your machine...) (&, of course, user & WebServer may need adjusting...)
In this example,
- Machine.Domain.TLD is the full name of the machine you're copying the certs to.
- WebServer is the name of your web/proxy server
- Install certbot on the machine you're putting the certs onto & create the
livedirectory where the certs will live.ssh Machinesudo apt install certbotsudo mkdir /etc/letsencrypt/live
- Sign into your proxy server & make sure you can SSH into the target machine from there.
ssh webserverssh Machine- then exit when you've succeeded (this tells webserver how to get there...)
- Then you can use scp to copy the certs.
sudo scp -r /etc/letsencrypt/live/Machine.Domain.TLD user@Machine:~
- Then ssh back into the proxy server & move the certs into their proper location
sudo mv Machine.Domain.TLD /etc/letsencrypt/live/
- And tell Apache about the certs
sudo vi /etc/apache2/sites-available/default-ssl.conf
SSLCertificateFile /etc/letsencrypt/live/Machine.Domain.TLD/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/Machine.Domain.TLD/privkey.pem
Restart Apache:
sudo systemctl restart apache2
