SSL Certification Installation on Linux

From Apoyar Wiki
Jump to navigation Jump to search 
                                                          SSL Installation On linux

SSL Installation has to be done on every website for security of the website.First we should login into server and then go to cd /etc/nginx/sites-available under this path we will host an website suppose there is an demowebsite.conf file. We should open that file in this file beside the server name there will be website name eg-demolinux.devopstraining.com.Now the website shows it was not secure because the https is not Enabled so we have to secure the website . There will be one website certbot.eff.org in this webite we have to give webservice name and also operating system and we should run the below commands to install the packages. For the first time SSL Installation we need to install packages. Sudo snap install core; sudo snap refresh core Sudo snap install --classic certbot Now we have to create the soft links by using below commands Sudo ln –s /snap/bin/certbot/ /usr/bin/certbot Sudo certbot –Nginx. If we use the above command automatically it will create the package and configure and redirects.If we use this command Sometimes it might Misconfigures. After that commands it asks for Email-id so that for every 90 days it will send us notifications to Renewal the certificate. It also shows the all domains configure in the particular server.So that time we should give the number of particular domain we want to Renewal SSL Certificate. If still is not responding means sometimes it may due to not enabling HTTPS(443) Port so that in security group we should have to edit inbound Rules and we have to configure the port and then the website will Respond. At the top we can see the security icon we can click on that and we can see the details of certificate and how much days it will be valid. Now only for Renewal we should use the below command.It only generates the certificate. Sudo certbot certonly –nginx After giving the above command we should have to Enable Renew & Replace the certificate.Then it will provide two commands /etc/letsencrypt/live/demolinux.devopstraining.xyz/fullchain.pem /e tc/letsencrypt/live/demolinux.devopstraining.xyz/privkey.pem Now we should copy above two commands and we should go to /etc/nginx/sites-available/vim .conf and in this file we should replace the two commands and then we should reload the Nginx and then the new renewal will be extended.

Retrieved from ‘https://wiki.apoyar.eu/index.php?title=SSL_Certification_Installation_on_Linux&oldid=223