Difference between revisions of "Let's Encryp Debian 8"
Jump to navigation
Jump to search
Rafahsolis (talk | contribs) (Created page with " sudo nano /etc/apt/sources.list.d/backports.list deb http://ftp.debian.org/debian jessie-backports main sudo apt-get install python-certbot-apache -t jessie-backports T...") |
Rafahsolis (talk | contribs) |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | == Cert Bot install == | ||
sudo nano /etc/apt/sources.list.d/backports.list | sudo nano /etc/apt/sources.list.d/backports.list | ||
| − | + | Put this inside the file | |
| − | |||
deb http://ftp.debian.org/debian jessie-backports main | deb http://ftp.debian.org/debian jessie-backports main | ||
| + | Run: | ||
| + | sudo apt-get install python-certbot-apache -t jessie-backports | ||
| − | + | == Apache == | |
To generate certificates & configure apache: | To generate certificates & configure apache: | ||
certbot --apache | certbot --apache | ||
To generate certificates only | To generate certificates only | ||
certbot --apache certonly | certbot --apache certonly | ||
| + | Test auto renewall with (certificates are valid for 90days): | ||
| + | certbot renew --dry-run | ||
| + | |||
| + | |||
| + | == Exim4 == | ||
| + | sudo certbot certonly --standalone -d mail.domain.com | ||
| + | |||
| + | Certificate files will be located as follows (valid for 90days, TODO: Renewall cronjob): | ||
| + | cert = /etc/letsencrypt/live/mail.domain.com/cert.pem | ||
| + | privkey = /etc/letsencrypt/live/mail.domain.com/privkey.pem | ||
| + | chain = /etc/letsencrypt/live/mail.domain.com/chain.pem | ||
| + | fullchain = /etc/letsencrypt/live/mail.domain.com/fullchain.pem | ||
Latest revision as of 18:37, 18 November 2016
Cert Bot install[edit]
sudo nano /etc/apt/sources.list.d/backports.list
Put this inside the file
deb http://ftp.debian.org/debian jessie-backports main
Run:
sudo apt-get install python-certbot-apache -t jessie-backports
Apache[edit]
To generate certificates & configure apache:
certbot --apache
To generate certificates only
certbot --apache certonly
Test auto renewall with (certificates are valid for 90days):
certbot renew --dry-run
Exim4[edit]
sudo certbot certonly --standalone -d mail.domain.com
Certificate files will be located as follows (valid for 90days, TODO: Renewall cronjob):
cert = /etc/letsencrypt/live/mail.domain.com/cert.pem privkey = /etc/letsencrypt/live/mail.domain.com/privkey.pem chain = /etc/letsencrypt/live/mail.domain.com/chain.pem fullchain = /etc/letsencrypt/live/mail.domain.com/fullchain.pem