Let's Encrypt - SSL Certificates

From InToSSH's Tutorials & Scripts
Jump to navigation Jump to search

This is a short tutorial on how to issue a certificat for both "domain.tld" and "www.domain.tld" using Apache server.

The virtual host file

Let's assume we have a vhost file that looks like this:

 1 <VirtualHost *:80>
 2     ServerName domain.tld
 3     ServerAlias www.domain.tld
 4     ServerAdmin admin@domain.tld
 5     DocumentRoot /var/www/hosts/domain/public
 6 
 7     <Directory /var/www/hosts/domain>
 8         Require all granted
 9         AllowOverride All
10     </Directory>
11     <FilesMatch \.php$>
12         SetHandler "proxy:unix:/var/run/php/php7.1-fpm.sock|fcgi://localhost/"
13     </FilesMatch>
14 
15 
16     ErrorLog ${APACHE_LOG_DIR}/error.log
17     CustomLog ${APACHE_LOG_DIR}/access.log combined
18 
19 </VirtualHost>

This file should be named according to the domain used. In this example domain.tld.conf

Generating the certificate

To issuethe certificate for both domains, we need to use this command:

certbot --apache -d domain.tld -d www.domain.tld

Certbot will pick up the config file, and either ask you to expand the existing certificate (in case it was already issued only for one of the domains), or create a new one.

Then you will be asked if you want to redirect automatically to the HTTPS.