Letsencrypt

From DWIKI
Revision as of 12:58, 2 January 2024 by Tony (talk | contribs) (→‎HOWTO)

Free SSL certificates

 

Links

HOWTO

Disable auto renewal

Rename renewal file'

/etc/letsencrypt/renewal/example.com.conf.disabled

or in /etc/letsencrypt/renewal/example.com.conf under [renewalparams] add:

autorenew = False

Update cert(s)

certbot

Remove certs/domain

certbot delete --cert-name www.example.com

With and without www

certbot --apache -d example.com -d www.example.com


Allow access to non-root user

setfacl -R -m u:someuser:rX /etc/letsencrypt/{live,archive}/example.org, and then
setfacl -m u:someuser:rX /etc/letsencrypt/{live,archive}

FAQ

This website does not supply ownership information.

sod that


archive directory exists

Maybe you're using SNI, try

certbot --apache -d "www.example.com,example"