94.2 Apache Web Server LetsEncrypt
20210902
Secure communications to a web server is
deployed using SSL to encrypt all communications from a browser to the
server (recognised with the https:
prefix, whete s is for secure).
Below we enable the ssl module in apache2, configure it and obtain a free SSL certificate from letsencrypt using certbot to deploy the certificate. Note that letsencrypt sends a challenge to http.
$ wajig install apache2 openssl ssl-cert
$ sudo a2enmod ssl
$ sudo a2ensite default-ssl
$ sudo snap install core; sudo snap refresh core
$ sudo snap install --classic certbot
$ sudo certbot --apache
Enter email address
Agree to the Terms of Service
Send email address to EFF
Enter in your domain names
$ sudo certbot renew --dry-run
$ wajig restart apache2
The certificate will be automatically updated through a timer. To list all times use systemctl to list-timers.
systemctl list-timers
Expect to see an entry like:
Fri 2021-09-03 07:17:00 AEST 10h left n/a n/a snap.certbot.renew.timer snap.certbot.renew.service
If the certbot command is not found the it may need to be linked from the installation in the snap bin to the system bin folder
sudo ln -s /snap/bin/certbot /usr/bin/certbot
To manually renew the LetsEncrypt certificate:
sudo certbot renew
Your donation will support ongoing availability and give you access to the PDF version of this book. Desktop Survival Guides include Data Science, GNU/Linux, and MLHub. Books available on Amazon include Data Mining with Rattle and Essentials of Data Science. Popular open source software includes rattle, wajig, and mlhub. Hosted by Togaware, a pioneer of free and open source software since 1984. Copyright © 1995-2022 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0
