How to Install SSL Certbot of LetsEncrypt :
vi /usr/local/tomcat/conf/server.xml
-- Change tomcat port to : 1610
cd /usr/local/tomcat/bin
./shutdown.sh
./startup.sh
firewall-cmd --zone=public --add-port=1610/tcp
firewall-cmd --zone=public --add-port=443/tcp
sudo systemctl start httpd
cd /etc/httpd/conf.d
vi 10-apex.conf
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
Redirect Permanent / https://example.com
ProxyRequests On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPreserveHost on
RequestHeader unset Origin
ProxyPass http://192.168.1.1:1610/
ProxyPassReverse http://192.168.1.1:1610/
</Location>
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com [OR]
RewriteCond %{SERVER_NAME} =www.example.com [OR]
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
sudo yum install epel-release
sudo yum install certbot python2-certbot-apache mod_ssl
sudo certbot --apache -d example.com
Check the Status :
https://www.ssllabs.com/ssltest/analyze.html?d=example.com
--- Add Auto Renewal at crontab :
sudo crontab -e
-- Add this line at crontab
0 0,12 * * * python -c 'import random; import time; time.sleep(random.random() * 3600)' && certbot renew
sudo certbot renew --dry-run
vi /etc/hosts
192.168.0.1 example.com
192.168.0.1 www.example.com
0 comments:
Post a Comment