If you're running apache2 web server in openSUSE Leap 15.x,
create a virtual host config file named /etc/apache2/conf.d/mydomain.example.com.conf
1. Configure apache2 for https:
# vim /etc/apache2/conf.d/mydomain.example.com.conf
<VirtualHost *:443>
DocumentRoot "/srv/www/htdocs/owncloud"
ServerName mydomain.example.com
SSLEngine On
SSLCertificateFile /etc/certbot/live/mydomain.example.com/fullchain.pem
SSLCertificateKeyFile /etc/certbot/live/mydomain.example.com/privkey.pem
<Directory "/srv/www/htdocs/owncloud">
DirectoryIndex index.html info.php index.php
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
----------------------------------------
# systemctl restart apache2
----------------------------------------
2. Install certboot:
# zypper in certbot python-certbot python-certbot-apache
----------------------------------------
3. Configure data for certboot:
# vim /etc/certbot/cli.ini
rsa-key-size = 4096
server = https://acme-v01.api.letsencrypt.org/directory
email = mailaddress@something.com
domain = mydomain.example.com
authenticator = webroot
webroot-path = /srv/www/htdocs/owncloud
----------------------------------------
3.1. Configure data for letsencrypt:
# vim /etc/letsencrypt/cli.ini
rsa-key-size = 4096
server = https://acme-v01.api.letsencrypt.org/directory
email = mailaddress@something.com
authenticator = webroot
webroot-path = /srv/www/htdocs/owncloud
domain = mydomain.example.com
----------------------------------------
4. Create cert:
# certbot --authenticator webroot --installer apache
# certbot --apache
# systemctl stop apache2
# systemctl start apache2
----------------------------------------
5. Auto renew cert with cron, every 30 days in 2:00 AM:
# crontab -e
# SSL certificates renew
0 2 1 * * /usr/bin/certbot renew
----------------------------------------
Nema komentara:
Objavi komentar