FeministWiki:Technical documentation: Difference between revisions

FeministWiki:Technical documentation (view source)

106 bytes removed , 21 December 2019

1,084

edits

@@ Line 117: / Line 117: @@
   cat fullchain.pem privkey.pem > certbundle.pem
-The script <code>/root/bin/letsencrypt-refresh</code> '''does all of the above''', so in practice you just need to run the following commands to recreate the cert:
+The script <code>/root/bin/letsencrypt-refresh</code> '''does all of the above''' automatically.  It stops Apache, runs the commands described above, and starts Apache again.  This can be used not only to refresh a cert that's running out, but also to add a new domain to the cert.  Just add the domain to <code>/root/etc/domains</code> and run the commands.  Note that the letsencrypt command may not work well on a "dumb" terminal such as an Emacs shell buffer.  If in doubt, run it from within a proper terminal emulator.
- service apache2 stop  # Assuming Apache is running on the machine
-  letsencrypt-refresh
- service apache2 start
-The above can be used not only to refresh a cert that's running out, but also to add a new domain to the cert.  Just add the domain to <code>/root/etc/domains</code> and run the commands.
-Note that the letsencrypt command may not work well on a "dumb" terminal such as an Emacs shell buffer.  If in doubt, run it from within a proper terminal emulator.
 === Readability of the key files ===