IT/Software/Server Config/SSL Certificates/certbot

From msgwiki

< IT‎ | Software‎ | Server Config‎ | SSL Certificates

Revision as of 05:10, 5 March 2020 by Walttheboss (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Access restrictions were established for this page. If you see this message, you have no access to this page.

This is a wonderful tool to install and manage SSL certificates on servers.

Background
1. certbot is a tool that manages Lets Encrypt certificates.
2. Get it from from here.
3. Their documentation is really well done.
4. Know what version you are on

apt-cache policy certbot | grep -i Installed

Install
1. You can install from the package maintaners version from 18.04 and on
2. I recommend the ppa version
  1. Certbot PPA=

sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update

Use
- Basic installation of a certificate on apache
  - You can go to the website above for more details on other platforms.

sudo certbot

Checking Certificates

sudo certbot certificates

You will get a nice list of certs with their expiry dates.
Renewing Certificates
- This must be done every 90 days and can be done as much as 30 days early

sudo certbot renew

Force Renewal
- This can eat into your allotment so only do as needed
  - This needed to happen once due to a Lets Encrypt bug

sudo certbot --force-renewal

You still need to pick the domains and then choose to redirect https is you want.
- Normally we do want the forced redirect to https.

Retrieved from "https://msgwiki.msgeducation.com/index.php?title=IT/Software/Server_Config/SSL_Certificates/certbot&oldid=576"