Renewing SSL Certificate on OpenVPN Server: Difference between revisions

From Apoyar Wiki
Jump to navigation Jump to search
(Created page with "Make sure certbot is not installed by OS packaging Install CertBot using Snap Invoke CertBot and generate the cert: systemctl stop openvpnas systemctl status openvpnas certbot certonly \ --force-renewal \ --standalone \ --non-interactive \ --agree-tos \ --email support@apoyar.eu \ --domains sslvpn.apoyar.net \ --pre-hook 'sudo service openvpnas stop' \ --post-hook 'sudo service openvpnas start' ln -s -f /certificate path /usr/local/openvpn_as/et...")
(No difference)

Revision as of 05:59, 29 March 2022

Make sure certbot is not installed by OS packaging

Install CertBot using Snap

Invoke CertBot and generate the cert:

systemctl stop openvpnas

systemctl status openvpnas

certbot certonly \ 

 --force-renewal \
 --standalone \
 --non-interactive \	
 --agree-tos \
 --email support@apoyar.eu \
 --domains sslvpn.apoyar.net \
 --pre-hook 'sudo service openvpnas stop' \
 --post-hook 'sudo service openvpnas start'

ln -s -f /certificate path /usr/local/openvpn_as/etc/web-ssl/server.crt

ln -s -f /keyfile path /usr/local/openvpn_as/etc/web-ssl/server.key

cd /usr/local/openvpn_as/scripts

./sacli stop

./sacli --key "cs.priv_key" --value_file "/etc/letsencrypt/live/sslvpn.apoyar.net/privkey.pem" ConfigPut

./sacli --key "cs.cert" --value_file "/etc/letsencrypt/live/sslvpn.apoyar.net/fullchain.pem" ConfigPut

./sacli start


reboot

Retrieved from ‘https://wiki.apoyar.eu/index.php?title=Renewing_SSL_Certificate_on_OpenVPN_Server&oldid=225