Installing and configuring "certbot", obtaining a certificate, adding auto-update to "cron"
sudo apt update sudo apt install certbot
Let's create a test folder (carefully with the owner and rights): sudo mkdir -p /var/lib/letsencrypt/.well-known sudo chgrp www-data /var/lib/letsencrypt sudo chmod g+s /var/lib/letsencrypt
Let's create an "apache" config for "letsencrypt" "/etc/apache2/conf-available/letsencrypt.conf": Alias /.well-known/acme-challenge/ "/var/lib/letsencrypt/.well-known/acme-challenge/" AllowOverride None Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec Require method GET POST OPTIONS
Restart "apache": systemctl restart apache2
Request a receipt: sudo certbot certonly --agree-tos --email info@domain.ru --webroot -w /var/lib/letsencrypt/ -d domain.ru
For example, let's add a certificate to the "/etc/apache2/conf-available/phpmyadmin.conf" config: Alias /phpmyadmin /usr/share/phpmyadmin ... SSLEngine On SSLCertificateFile /etc/letsencrypt/live/domain.ru/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/domain.ru/privkey.pem ...
Restart "apache": systemctl restart apache2
Let's open https://domain.ru/phpmyadmin
← Back