let_s_encrypt
Différences
Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentesRévision précédenteProchaine révision | Révision précédente | ||
let_s_encrypt [2018/01/10 01:48] – simon | let_s_encrypt [Date inconnue] (Version actuelle) – supprimée - modification externe (Date inconnue) 127.0.0.1 | ||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
- | ====== Let's Encrypt ====== | ||
- | [[https:// | ||
- | ===== Configuration des certificats Let's Encrypt ===== | ||
- | J'ai configuré les certificats pour plusieurs noms de domaines et voici la procédure suivie, pour le domaine fictif " | ||
- | |||
- | J'ai utilisé l' | ||
- | |||
- | <code bash> | ||
- | # wget https:// | ||
- | --2018-01-10 02: | ||
- | Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 151.101.120.133 | ||
- | Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|151.101.120.133|: | ||
- | HTTP request sent, awaiting response... 200 OK | ||
- | Length: 9179 (9.0K) [text/ | ||
- | Saving to: ‘/ | ||
- | |||
- | / | ||
- | |||
- | 2018-01-10 02:30:22 (51.4 MB/s) - ‘/ | ||
- | </ | ||
- | |||
- | On crée un dossier pour Let's Encrypt, avec les bons droits : | ||
- | <code bash> | ||
- | # mkdir / | ||
- | # chown root: | ||
- | # chmod 750 / | ||
- | </ | ||
- | |||
- | On se déplace dans le dossier qu'on vient de créer : | ||
- | <code bash> | ||
- | # cd / | ||
- | </ | ||
- | |||
- | Et on lance la génération d'une clé privée : | ||
- | <code bash> | ||
- | </ | ||
- | |||
- | |||
- | |||
- | NOUVELLE SOLUTION : | ||
- | |||
- | <code bash> | ||
- | # apt install python-certbot-apache | ||
- | </ | ||
- | < | ||
- | <code bash> | ||
- | Reading package lists... Done | ||
- | Building dependency tree | ||
- | Reading state information... Done | ||
- | The following additional packages will be installed: | ||
- | augeas-lenses certbot libaugeas0 python-acme python-augeas python-certbot python-chardet python-configargparse python-configobj | ||
- | python-dnspython python-funcsigs python-mock python-openssl python-parsedatetime python-pbr python-psutil python-pyicu python-requests | ||
- | python-rfc3339 python-tz python-urllib3 python-zope.component python-zope.event python-zope.hookable python-zope.interface | ||
- | Suggested packages: | ||
- | augeas-doc python-certbot-doc augeas-tools python-acme-doc python-certbot-apache-doc python-configobj-doc python-funcsigs-doc | ||
- | python-mock-doc python-openssl-doc python-openssl-dbg python-psutil-doc python-socks python-ntlm | ||
- | The following NEW packages will be installed: | ||
- | augeas-lenses certbot libaugeas0 python-acme python-augeas python-certbot python-certbot-apache python-chardet python-configargparse | ||
- | python-configobj python-dnspython python-funcsigs python-mock python-openssl python-parsedatetime python-pbr python-psutil python-pyicu | ||
- | python-requests python-rfc3339 python-tz python-urllib3 python-zope.component python-zope.event python-zope.hookable | ||
- | python-zope.interface | ||
- | 0 upgraded, 26 newly installed, 0 to remove and 0 not upgraded. | ||
- | Need to get 2,133 kB of archives. | ||
- | After this operation, 9,863 kB of additional disk space will be used. | ||
- | Do you want to continue? [Y/n] | ||
- | (...) | ||
- | </ | ||
- | |||
- | |||
- | <code bash> | ||
- | # certbot --apache | ||
- | Saving debug log to / | ||
- | |||
- | Which names would you like to activate HTTPS for? | ||
- | ------------------------------------------------------------------------------- | ||
- | 1: plouf.com | ||
- | 2: sous.plouf.com | ||
- | 3: piscine.plouf.com | ||
- | ------------------------------------------------------------------------------- | ||
- | Select the appropriate numbers separated by commas and/or spaces, or leave input | ||
- | blank to select all options shown (Enter ' | ||
- | Enter email address (used for urgent renewal and security notices) (Enter ' | ||
- | cancel): | ||
- | |||
- | ------------------------------------------------------------------------------- | ||
- | Please read the Terms of Service at | ||
- | https:// | ||
- | agree in order to register with the ACME server at | ||
- | https:// | ||
- | ------------------------------------------------------------------------------- | ||
- | (A)gree/ | ||
- | Obtaining a new certificate | ||
- | Performing the following challenges: | ||
- | tls-sni-01 challenge for plouf.com | ||
- | tls-sni-01 challenge for sous.plouf.com | ||
- | tls-sni-01 challenge for piscine.plouf.com | ||
- | Enabled Apache socache_shmcb module | ||
- | Enabled Apache ssl module | ||
- | Waiting for verification... | ||
- | Cleaning up challenges | ||
- | Generating key (2048 bits): / | ||
- | Creating CSR: / | ||
- | Created an SSL vhost at / | ||
- | Enabled Apache socache_shmcb module | ||
- | Enabled Apache ssl module | ||
- | Deploying Certificate to VirtualHost / | ||
- | Enabling available site: / | ||
- | An unexpected error occurred: | ||
- | StopIteration | ||
- | Please see the logfiles in / | ||
- | |||
- | IMPORTANT NOTES: | ||
- | - Unable to install the certificate | ||
- | - Congratulations! Your certificate and chain have been saved at | ||
- | / | ||
- | | ||
- | | ||
- | " | ||
- | | ||
- | - If you lose your account credentials, | ||
- | | ||
- | - Your account credentials have been saved in your Certbot | ||
- | | ||
- | | ||
- | also contain certificates and private keys obtained by Certbot so | ||
- | | ||
- | </ | ||
- | |||
- | <code bash> | ||
- | </ | ||
- | |||
- | <code bash> | ||
- | </ | ||
- | |||
- | <code bash> | ||
- | </ | ||
- | |||
- | <code bash> | ||
- | </ | ||
- | |||
- | <code bash> | ||
- | </ | ||
- | |||
- | <code bash> | ||
- | </ | ||
- | |||
- | <code bash> | ||
- | </ | ||
- | |||
- | <code bash> | ||
- | </ | ||
- | |||
- | <code bash> | ||
- | </ | ||
- | |||
- | <code bash> | ||
- | </ | ||
- | |||
- | ===== Sources ===== | ||
- | * [[https:// |