175
edits
Renewing SSL Certificate on OpenVPN Server: Difference between revisions
Renewing SSL Certificate on OpenVPN Server (edit)
Revision as of 09:02, 21 September 2022
, 21 September 2022no edit summary
(Created page with "Make sure certbot is not installed by OS packaging Install CertBot using Snap Invoke CertBot and generate the cert: systemctl stop openvpnas systemctl status openvpnas certbot certonly \ --force-renewal \ --standalone \ --non-interactive \ --agree-tos \ --email support@apoyar.eu \ --domains sslvpn.apoyar.net \ --pre-hook 'sudo service openvpnas stop' \ --post-hook 'sudo service openvpnas start' ln -s -f /certificate path /usr/local/openvpn_as/et...") |
No edit summary |
||
| Line 4: | Line 4: | ||
Invoke CertBot and generate the cert: | Invoke CertBot and generate the cert: | ||
Login to openvpn server from jupiter (10.0.1.55 using neal user and apoyar key) | |||
systemctl stop openvpnas | systemctl stop openvpnas | ||
| Line 9: | Line 11: | ||
systemctl status openvpnas | systemctl status openvpnas | ||
certbot certonly | certbot certonly --force-renewal --standalone --non-interactive --agree-tos --email support@apoyar.eu --domains sslvpn.apoyar.net --pre-hook 'sudo service openvpnas stop' --post-hook 'sudo service openvpnas start' | ||
(If getting error about port 80 while running above command, we have to kill the process running on that port) | |||
to check services running on ports, run below command | |||
netstat -anpt | grep LISTEN | |||
check here and kill process and then try again running certbot command, once command executed get the certificate and key details, edit in below commands and execute below 2 commands | |||
ln -s -f /certificate path /usr/local/openvpn_as/etc/web-ssl/server.crt | ln -s -f /certificate path /usr/local/openvpn_as/etc/web-ssl/server.crt | ||