Letsencrypt: Difference between revisions
From DWIKI
(Created page with "Free SSL certificates =Links= *[https://letsencrypt.org/ Homepages] =FAQ= ==Update cert(s)== certbot") |
m (→HOWTO) |
||
(9 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Free SSL certificates | Free SSL certificates | ||
=Links= | | ||
*[https://letsencrypt.org/ Homepages] | |||
= Links = | |||
*[https://letsencrypt.org/ Homepages] | |||
*[https://certbot.eff.org/instructions Certbot instructions] | |||
=HOWTO= | |||
==Disable auto renewal== | |||
Rename renewal file' | |||
/etc/letsencrypt/renewal/example.com.conf.disabled | |||
or in '''/etc/letsencrypt/renewal/example.com.conf''' under '''[renewalparams]''' add: | |||
autorenew = False | |||
== Update cert(s) == | |||
certbot | certbot | ||
==Remove certs/domain== | |||
certbot delete --cert-name www.example.com | |||
==With and without www== | |||
certbot --apache -d example.com -d www.example.com | |||
==Allow access to non-root user== | |||
setfacl -R -m u:someuser:rX /etc/letsencrypt/{live,archive}/example.org, and then | |||
setfacl -m u:someuser:rX /etc/letsencrypt/{live,archive} | |||
= FAQ = | |||
==This website does not supply ownership information.== | |||
sod that | |||
==archive directory exists== | |||
Maybe you're using SNI, try | |||
certbot --apache -d "www.example.com,example" |
Latest revision as of 13:58, 2 January 2024
Free SSL certificates
Links
HOWTO
Disable auto renewal
Rename renewal file'
/etc/letsencrypt/renewal/example.com.conf.disabled
or in /etc/letsencrypt/renewal/example.com.conf under [renewalparams] add:
autorenew = False
Update cert(s)
certbot
Remove certs/domain
certbot delete --cert-name www.example.com
With and without www
certbot --apache -d example.com -d www.example.com
Allow access to non-root user
setfacl -R -m u:someuser:rX /etc/letsencrypt/{live,archive}/example.org, and then setfacl -m u:someuser:rX /etc/letsencrypt/{live,archive}
FAQ
This website does not supply ownership information.
sod that
archive directory exists
Maybe you're using SNI, try
certbot --apache -d "www.example.com,example"