Différences
Ci-dessous, les différences entre deux révisions de la page.
| Les deux révisions précédentes Révision précédente | |||
|
user:domenge:certbot [2018/04/18 10:33] domenge [Verificacion] |
user:domenge:certbot [2018/04/18 10:34] (Version actuelle) domenge [Verificacion] |
||
|---|---|---|---|
| Ligne 1: | Ligne 1: | ||
| + | ====== CERTBOT ====== | ||
| + | [[https://certbot.eff.org/lets-encrypt/ubuntutrusty-apache.html|Apache on Ubuntu 14.04 (trusty)]] | ||
| + | ===== Installacion ===== | ||
| + | |||
| + | <code bash> | ||
| + | $ sudo apt-get update | ||
| + | $ sudo apt-get install software-properties-common | ||
| + | $ sudo add-apt-repository ppa:certbot/certbot | ||
| + | $ sudo apt-get update | ||
| + | $ sudo apt-get install python-certbot-apache | ||
| + | </code> | ||
| + | ===== Enregament ===== | ||
| + | <code bash> | ||
| + | $ sudo certbot run --apache -d sem.macarel.net -d macarel.net -d www.macarel.net -d ocloud.macarel.net -d vai.macarel.net | ||
| + | ... | ||
| + | Saving debug log to /var/log/letsencrypt/letsencrypt.log | ||
| + | Plugins selected: Authenticator apache, Installer apache | ||
| + | Obtaining a new certificate | ||
| + | Performing the following challenges: | ||
| + | http-01 challenge for sem.macarel.net | ||
| + | http-01 challenge for macarel.net | ||
| + | http-01 challenge for www.macarel.net | ||
| + | http-01 challenge for ocloud.macarel.net | ||
| + | http-01 challenge for vai.macarel.net | ||
| + | Waiting for verification... | ||
| + | Cleaning up challenges | ||
| + | Deploying Certificate to VirtualHost /etc/apache2/sites-enabled/sem.conf | ||
| + | Deploying Certificate to VirtualHost /etc/apache2/sites-enabled/000-default-le-ssl.conf | ||
| + | Deploying Certificate to VirtualHost /etc/apache2/sites-enabled/000-default-le-ssl.conf | ||
| + | Deploying Certificate to VirtualHost /etc/apache2/sites-enabled/owncloud.conf | ||
| + | Deploying Certificate to VirtualHost /etc/apache2/sites-enabled/vai-le-ssl.conf | ||
| + | |||
| + | Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access. | ||
| + | ------------------------------------------------------------------------------- | ||
| + | 1: No redirect - Make no further changes to the webserver configuration. | ||
| + | 2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for | ||
| + | new sites, or if you're confident your site works on HTTPS. You can undo this | ||
| + | change by editing your web server's configuration. | ||
| + | ------------------------------------------------------------------------------- | ||
| + | Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1 | ||
| + | |||
| + | ------------------------------------------------------------------------------- | ||
| + | Congratulations! You have successfully enabled https://sem.macarel.net, | ||
| + | https://macarel.net, https://www.macarel.net, https://ocloud.macarel.net, and | ||
| + | https://vai.macarel.net | ||
| + | |||
| + | You should test your configuration at: | ||
| + | https://www.ssllabs.com/ssltest/analyze.html?d=sem.macarel.net | ||
| + | https://www.ssllabs.com/ssltest/analyze.html?d=macarel.net | ||
| + | https://www.ssllabs.com/ssltest/analyze.html?d=www.macarel.net | ||
| + | https://www.ssllabs.com/ssltest/analyze.html?d=ocloud.macarel.net | ||
| + | https://www.ssllabs.com/ssltest/analyze.html?d=vai.macarel.net | ||
| + | ------------------------------------------------------------------------------- | ||
| + | |||
| + | IMPORTANT NOTES: | ||
| + | - Congratulations! Your certificate and chain have been saved at: | ||
| + | /etc/letsencrypt/live/sem.macarel.net-0001/fullchain.pem | ||
| + | Your key file has been saved at: | ||
| + | /etc/letsencrypt/live/sem.macarel.net-0001/privkey.pem | ||
| + | Your cert will expire on 2018-07-17. To obtain a new or tweaked | ||
| + | version of this certificate in the future, simply run certbot again | ||
| + | with the "certonly" option. To non-interactively renew *all* of | ||
| + | your certificates, run "certbot renew" | ||
| + | - If you like Certbot, please consider supporting our work by: | ||
| + | |||
| + | Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate | ||
| + | Donating to EFF: https://eff.org/donate-le | ||
| + | ... | ||
| + | </code> | ||
| + | ===== Verificacion ===== | ||
| + | <code bash> | ||
| + | $ sudo certbot certificates | ||
| + | Saving debug log to /var/log/letsencrypt/letsencrypt.log | ||
| + | |||
| + | ------------------------------------------------------------------------------- | ||
| + | Found the following certs: | ||
| + | Certificate Name: sem.macarel.net | ||
| + | Domains: sem.macarel.net ocloud.macarel.net osca-oc.org vai.macarel.net www.macarel.net | ||
| + | Expiry Date: 2018-07-17 05:56:28+00:00 (VALID: 89 days) | ||
| + | Certificate Path: /etc/letsencrypt/live/sem.macarel.net/fullchain.pem | ||
| + | Private Key Path: /etc/letsencrypt/live/sem.macarel.net/privkey.pem | ||
| + | Certificate Name: sem.macarel.net-0001 | ||
| + | Domains: sem.macarel.net macarel.net ocloud.macarel.net vai.macarel.net www.macarel.net | ||
| + | Expiry Date: 2018-07-17 08:39:08+00:00 (VALID: 89 days) | ||
| + | Certificate Path: /etc/letsencrypt/live/sem.macarel.net-0001/fullchain.pem | ||
| + | Private Key Path: /etc/letsencrypt/live/sem.macarel.net-0001/privkey.pem | ||
| + | ------------------------------------------------------------------------------- | ||
| + | </code> | ||
| + | ==== Validacion ==== | ||
| + | |||
| + | https://www.ssllabs.com/ssltest/analyze.html?d=**www.macarel.net**\\ | ||
| + | |||
| + | [[https://www.ssllabs.com/ssltest/analyze.html?d=www.macarel.net|SSL LABS verifica lo ligam securizat]] | ||
