Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentes Révision précédente | |||
linux:ssl [11-01-2023 11:10] edmc73 |
linux:ssl [17-12-2023 10:35] edmc73 |
||
---|---|---|---|
Ligne 13: | Ligne 13: | ||
===== Avec Let's Encrypt ===== | ===== Avec Let's Encrypt ===== | ||
+ | |||
+ | **MAJ 2024** | ||
+ | En résumé sur une fresh debian 11 | ||
+ | |||
+ | apt install certbot python3-certbot-apache | ||
+ | | ||
+ | < | ||
+ | # certbot --apache -d edmc73.com | ||
+ | Saving debug log to / | ||
+ | Plugins selected: Authenticator apache, Installer apache | ||
+ | Enter email address (used for urgent renewal and security notices) | ||
+ | | ||
+ | |||
+ | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
+ | Please read the Terms of Service at | ||
+ | https:// | ||
+ | agree in order to register with the ACME server. Do you agree? | ||
+ | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
+ | (Y)es/(N)o: Y | ||
+ | |||
+ | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
+ | Would you be willing, once your first certificate is successfully issued, to | ||
+ | share your email address with the Electronic Frontier Foundation, a founding | ||
+ | partner of the Let's Encrypt project and the non-profit organization that | ||
+ | develops Certbot? We'd like to send you email about our work encrypting the web, | ||
+ | EFF news, campaigns, and ways to support digital freedom. | ||
+ | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
+ | (Y)es/(N)o: Y | ||
+ | Account registered. | ||
+ | Requesting a certificate for edmc73.com | ||
+ | Performing the following challenges: | ||
+ | http-01 challenge for edmc73.com | ||
+ | Enabled Apache rewrite module | ||
+ | Waiting for verification... | ||
+ | Cleaning up challenges | ||
+ | Created an SSL vhost at / | ||
+ | Enabled Apache socache_shmcb module | ||
+ | Enabled Apache ssl module | ||
+ | Deploying Certificate to VirtualHost / | ||
+ | Enabling available site: / | ||
+ | Enabled Apache rewrite module | ||
+ | Redirecting vhost in / | ||
+ | |||
+ | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
+ | Congratulations! You have successfully enabled https:// | ||
+ | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | ||
+ | Subscribe to the EFF mailing list (email: toto@toto.com). | ||
+ | |||
+ | IMPORTANT NOTES: | ||
+ | - Congratulations! Your certificate and chain have been saved at: | ||
+ | / | ||
+ | Your key file has been saved at: | ||
+ | / | ||
+ | Your certificate will expire on 2024-03-16. To obtain a new or | ||
+ | | ||
+ | | ||
+ | renew *all* of your certificates, | ||
+ | - If you like Certbot, please consider supporting our work by: | ||
+ | |||
+ | | ||
+ | | ||
+ | |||
+ | </ | ||
+ | On se retrouve donc avec un nouveau fichier de config dans apache tout configuré pour que ça fonctionne en https. | ||
+ | |||
+ | ------------------------- | ||
+ | |||
Let's Encrypt a bien évolué depuis sa version beta, je vais maintenant mettre mes scripts à jour et détailler le fonctionnement sur Debian 7 et Apache | Let's Encrypt a bien évolué depuis sa version beta, je vais maintenant mettre mes scripts à jour et détailler le fonctionnement sur Debian 7 et Apache |