Editing
SSL Certification Installation on Linux
Jump to navigation
Jump to search
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
SSL Installation On linux SSL Installation has to be done on every website for security of the website.First we should login into server and then go to cd /etc/nginx/sites-available under this path we will host an website suppose there is an demowebsite.conf file. We should open that file in this file beside the server name there will be website name eg-demolinux.devopstraining.com.Now the website shows it was not secure because the https is not Enabled so we have to secure the website . There will be one website certbot.eff.org in this webite we have to give webservice name and also operating system and we should run the below commands to install the packages. For the first time SSL Installation we need to install packages. Sudo snap install core; sudo snap refresh core Sudo snap install --classic certbot Now we have to create the soft links by using below commands Sudo ln –s /snap/bin/certbot/ /usr/bin/certbot Sudo certbot –Nginx. If we use the above command automatically it will create the package and configure and redirects.If we use this command Sometimes it might Misconfigures. After that commands it asks for Email-id so that for every 90 days it will send us notifications to Renewal the certificate. It also shows the all domains configure in the particular server.So that time we should give the number of particular domain we want to Renewal SSL Certificate. If still is not responding means sometimes it may due to not enabling HTTPS(443) Port so that in security group we should have to edit inbound Rules and we have to configure the port and then the website will Respond. At the top we can see the security icon we can click on that and we can see the details of certificate and how much days it will be valid. Now only for Renewal we should use the below command.It only generates the certificate. Sudo certbot certonly –nginx After giving the above command we should have to Enable Renew & Replace the certificate.Then it will provide two commands /etc/letsencrypt/live/demolinux.devopstraining.xyz/fullchain.pem /e tc/letsencrypt/live/demolinux.devopstraining.xyz/privkey.pem Now we should copy above two commands and we should go to /etc/nginx/sites-available/vim .conf and in this file we should replace the two commands and then we should reload the Nginx and then the new renewal will be extended.
Summary:
Please note that all contributions to Apoyar Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Apoyar Wiki:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Navigation menu
Personal tools
Not logged in
Talk
Contributions
Create account
Log in
Namespaces
Page
Discussion
British English
Views
Read
Edit
View history
More
Search
Navigation
Main page
Apoyar Infrastructure
Active Directory
Recent changes
Random page
Upload file
Tools
What links here
Related changes
Special pages
Page information