94.2 Apache Web Server LetsEncrypt
Secure communications to a web server is
deployed using SSL to encrypt all communications from a browser to the
server (recognised with the
https: prefix, whete s is for secure).
Below we enable the ssl module in apache2, configure it and obtain a free SSL certificate from letsencrypt using certbot to deploy the certificate. Note that letsencrypt sends a challenge to http.
$ wajig install apache2 openssl ssl-cert $ sudo a2enmod ssl $ sudo a2ensite default-ssl $ sudo snap install core; sudo snap refresh core $ sudo snap install --classic certbot $ sudo certbot --apache Enter email address Agree to the Terms of Service Send email address to EFF Enter in your domain names $ sudo certbot renew --dry-run $ wajig restart apache2
The certificate will be automatically updated through a timer. To list all times use systemctl to list-timers.
Expect to see an entry like:
Fri 2021-09-03 07:17:00 AEST 10h left n/a n/a snap.certbot.renew.timer snap.certbot.renew.service
If the certbot command is not found the it may need to be linked from the installation in the snap bin to the system bin folder
sudo ln -s /snap/bin/certbot /usr/bin/certbot
To manually renew the LetsEncrypt certificate:
sudo certbot renew
Your donation will support ongoing availability and give you access to the PDF version of this book. Desktop Survival Guides include Data Science, GNU/Linux, and MLHub. Books available on Amazon include Data Mining with Rattle and Essentials of Data Science. Popular open source software includes rattle, wajig, and mlhub. Hosted by Togaware, a pioneer of free and open source software since 1984. Copyright © 1995-2022 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0