FeministWiki:Technical documentation: Difference between revisions
    Line 117: Line 117:
      cat fullchain.pem privkey.pem > certbundle.pem
      cat fullchain.pem privkey.pem > certbundle.pem


    The script <code>/root/bin/letsencrypt-refresh</code> '''does all of the above''', so in practice you just need to run the following commands to recreate the cert:
    The script <code>/root/bin/letsencrypt-refresh</code> '''does all of the above''' automatically.  It stops Apache, runs the commands described above, and starts Apache again. This can be used not only to refresh a cert that's running out, but also to add a new domain to the cert.  Just add the domain to <code>/root/etc/domains</code> and run the commands. Note that the letsencrypt command may not work well on a "dumb" terminal such as an Emacs shell buffer.  If in doubt, run it from within a proper terminal emulator.
     
    service apache2 stop  # Assuming Apache is running on the machine
      letsencrypt-refresh
    service apache2 start
     
    The above can be used not only to refresh a cert that's running out, but also to add a new domain to the cert.  Just add the domain to <code>/root/etc/domains</code> and run the commands.
     
    Note that the letsencrypt command may not work well on a "dumb" terminal such as an Emacs shell buffer.  If in doubt, run it from within a proper terminal emulator.


    === Readability of the key files ===
    === Readability of the key files ===
    Retrieved from "https://feministwiki.org/wiki/FeministWiki:Technical_documentation"