how to install letsencrypt on oracle linux 8
1. Login to the server as root
2. dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
3. dnf install certbot python3-certbot-apache
4. certbot --apache
Discussions related to DevOps, AI, Cloud
Showing posts with label SSL. Show all posts
Showing posts with label SSL. Show all posts
Saturday, October 26, 2024
how to install letsencrypt on oracle linux 8
Thursday, May 23, 2024
SSLCertificateFile: file '/etc/pki/tls/certs/localhost.crt' does not exist or is empty
Error on Oracle linux9
After installing Letsencrypt, i am getting this error "SSLCertificateFile: file '/etc/pki/tls/certs/localhost.crt' does not exist or is empty" when trying to execute certbot --apache
How to fix :
systemctl restart httpd
After this, you can successfully execute the command certbot --apache and the issue if solved.
Monday, September 18, 2023
How to install letsencrypt on Amazon linux 2023
How to install letsencrypt on Amazon linux 2023
In Amazon linux 2023, EPEL is not available. All the documentations avaialble in internet is about EPEL and then install certbot. But here we need to use a different approach.
- Login to the server
- dnf install python3 augeas-libs
- dnf remove certbot
- python3 -m venv /opt/certbot/
- /opt/certbot/bin/pip install --upgrade pip
- /opt/certbot/bin/pip install certbot certbot-apache
- ln -s /opt/certbot/bin/certbot /usr/bin/certbot
- certbot --apache
This works perfectly for me. 🙋🙋
Here is the video tutorial. Have a look and install.
Friday, March 12, 2021
Auto redirection of urls from http to https
Normally when a site is enabled with SSL, we need to auto redirect urls from http to https
Go to your web site's default document root folder.
Open your .httaccess file or create one ( I assume mod redirect is enabled in your web server)
Paste the below code.
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
Test your domain without http, it will automatically redirect to https
Monday, October 19, 2015
How to install SSL on Jboss 7.1
I have a valid pfx certificate file. First we need to change it to a keystore
Used the below command to generate the keystore file.
==============================================================
keytool -importkeystore -deststorepass <Name> -destkeystore
"dev.keystore" -srckeystore C:\Users\user\Desktop\SSL\NewWildCard.pfx -srcstoretype PKCS12 -srcstorepass <Password>
Updated the below lines in standalone.xml ($JBOSS_HOME/standalone/configuration) file in Jboss to enable SSL
======================================================================
After <connector name="http"
protocol="HTTP/1.1" scheme="http"
socket-binding="http"/> line added the below lines.
<connector name="https" protocol="HTTP/1.1"
scheme="https" socket-binding="https" secure="true">
<ssl name="https" password="<password>"
certificate-key-file="/root/dev.keystore"/>
</connector>
By default, it will listen on https://domainname.com:8443
Monday, October 21, 2013
How to install and configure SSL from godaddy in Centos6
First we need to generate CSR
openssl req -new -newkey rsa:2048 -nodes -keyout domainname.key -out domainname.csr
Rename domainname.key and .csr with your domain name
Copy the domainanme.csr and upload to godaddy page for certifiying.
It will take couple of days to get authorized and you will get a mail notification. Once this process finished login to your godaddy account and download the zip formatted certificates.
Upload the certificate.zip to the server.
Include ssl.conf in conf.d
vi /etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/pki/tls/certs/5fjr5j9dw2f.crt (I get from godaddy)
SSLCertificateKeyFile /etc/pki/tls/private/domainname.key (I get intially from openssl command)
SSLCertificateChainFile /etc/pki/tls/certs/gd_bundle.crt (I get from godaddy)
Restart httpds
openssl req -new -newkey rsa:2048 -nodes -keyout domainname.key -out domainname.csr
Rename domainname.key and .csr with your domain name
Copy the domainanme.csr and upload to godaddy page for certifiying.
It will take couple of days to get authorized and you will get a mail notification. Once this process finished login to your godaddy account and download the zip formatted certificates.
Upload the certificate.zip to the server.
Include ssl.conf in conf.d
vi /etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/pki/tls/certs/5fjr5j9dw2f.crt (I get from godaddy)
SSLCertificateKeyFile /etc/pki/tls/private/domainname.key (I get intially from openssl command)
SSLCertificateChainFile /etc/pki/tls/certs/gd_bundle.crt (I get from godaddy)
Restart httpds
Thursday, January 17, 2013
Adding multiple ssl virtual hosting
For this we need to add another ip to the machine.
/etc/network/interfaces
auto eth0:1
iface eth0:1 inet static
address 192.168.1.122
netmask 255.255.255.0
/etc/init.d/networking restart
Check ipconfig -a
/etc/apache2/ports.conf
NameVirtualHost *:80
Listen 80
<IfModule mod_ssl.c>
# If you add NameVirtualHost *:443 here, you will also have to change
# the VirtualHost statement in /etc/apache2/sites-available/default-ssl
# to <VirtualHost *:443>
# Server Name Indication for SSL named virtual hosts is currently not
# supported by MSIE on Windows XP.
Listen 192.168.1.121:443
Listen 192.168.1.122:443
NameVirtualHost 192.168.1.121:443
NameVirtualHost 192.168.1.122:443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
vi /etc/apache2/sites-enabled/000-default-ssl
<Directory /var/www>
Options +ExecCGI Indexes FollowSymLinks MultiViews
AddHandler cgi-script cgi pl
AllowOverride Limit
DirectoryIndex index.cgi
Order allow,deny
allow from all
</Directory>
/etc/network/interfaces
auto eth0:1
iface eth0:1 inet static
address 192.168.1.122
netmask 255.255.255.0
/etc/init.d/networking restart
Check ipconfig -a
/etc/apache2/ports.conf
NameVirtualHost *:80
Listen 80
<IfModule mod_ssl.c>
# If you add NameVirtualHost *:443 here, you will also have to change
# the VirtualHost statement in /etc/apache2/sites-available/default-ssl
# to <VirtualHost *:443>
# Server Name Indication for SSL named virtual hosts is currently not
# supported by MSIE on Windows XP.
Listen 192.168.1.121:443
Listen 192.168.1.122:443
NameVirtualHost 192.168.1.121:443
NameVirtualHost 192.168.1.122:443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
vi /etc/apache2/sites-enabled/000-default-ssl
<Directory /var/www>
Options +ExecCGI Indexes FollowSymLinks MultiViews
AddHandler cgi-script cgi pl
AllowOverride Limit
DirectoryIndex index.cgi
Order allow,deny
allow from all
</Directory>
Subscribe to:
Posts (Atom)