letsencrypt https://keopx.net/ es Instalar certificados SSL en Debian 9 con certbot (Let's Encrypt - Free SSL/TLS Certificates) https://keopx.net/blog/instalar-certificados-ssl-en-debian-9-con-certbot-lets-encrypt-free-ssltls-certificates <span>Instalar certificados SSL en Debian 9 con certbot (Let&#039;s Encrypt - Free SSL/TLS Certificates)</span> <div class="text-content clearfix field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>Hace tiempo escribit un articulo sobre <a href="https://www.keopx.net/blog/instalar-certificados-de-lets-encrypt-free-ssltls-certificates-en-debian-ubuntu">Instalar certificados de Let's Encrypt - Free SSL/TLS Certificates en Debian / Ubuntu</a></p> <p>Este post es una revisión de que escribí.</p> <h1>Instalación</h1> <pre> <code class="language-bash"># apt-get install certbot</code></pre><h2>Configurar Apache</h2> <pre> <code class="language-bash"># nano /etc/apache2/sites-available/www.keopx.net-ssl.conf</code></pre><p>Y añadimos el <strong>-ssl</strong> por la existencia de un <strong><a href="https://github.com/certbot/certbot/issues/1042">bug</a></strong> en el <strong>certbot</strong>, que solo es capaz de distinguir un <strong>virtualhost</strong> por fichero <strong>*.conf</strong></p> <pre> <code class="language-bash">&lt;VirtualHost *:443&gt; ServerAdmin keopx@keopx.net ServerName www.keopx.net DocumentRoot /var/www/keopx.net/web &lt;Directory /var/www/keopx.net/web/&gt; Options FollowSymLinks AllowOverride All Require all granted &lt;/Directory&gt; ErrorLog /var/log/apache2/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/access.log combined ServerSignature On SSLCertificateFile /etc/letsencrypt/live/www.keopx.net/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/www.keopx.net/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf &lt;/VirtualHost&gt; </code></pre><h2>Creamos el SSL</h2> <pre> <code class="language-bash">certbot --apache -d www.keopx.net</code></pre><h2>Actualizamos los certificados</h2> <pre> <code class="language-bash">certbot renew --dry-run</code></pre><p>Referencias</p> <ul><li><a href="https://certbot.eff.org/docs/using.html#apache">https://certbot.eff.org/docs/using.html#apache</a></li> <li><a href="https://certbot.eff.org/docs/using.html?highlight=renew#renewing-certificates">https://certbot.eff.org/docs/using.html?highlight=renew#renewing-certif…</a></li> <li>Bug: <a href="https://github.com/certbot/certbot/issues/1042">https://github.com/certbot/certbot/issues/1042</a></li> </ul></div> <span><span>keopx</span></span> <span><time datetime="2017-09-02T12:34:20+02:00" title="Sábado, Septiembre 2, 2017 - 12:34">Sáb, 02/09/2017 - 12:34</time> </span> <div class="field field--name-field-tax-cat field--type-entity-reference field--label-above"> <div class="field__label">Categoria</div> <div class="field__items"> <div class="field__item"><a href="/categoria/letsencrypt" hreflang="es">letsencrypt</a></div> <div class="field__item"><a href="/categoria/seguridad" hreflang="es">Seguridad</a></div> <div class="field__item"><a href="/categoria/apache2" hreflang="es">Apache2</a></div> <div class="field__item"><a href="/categoria/debian-9" hreflang="es">Debian 9</a></div> </div> </div> <div class="field field--name-field-tax-tag field--type-entity-reference field--label-above"> <div class="field__label">Tag</div> <div class="field__items"> <div class="field__item"><a href="/tag/seguridad" hreflang="es">seguridad</a></div> <div class="field__item"><a href="/tag/apache" hreflang="es">apache</a></div> <div class="field__item"><a href="/tag/debian-9" hreflang="es">Debian 9</a></div> <div class="field__item"><a href="/tag/sistemas" hreflang="es">Sistemas</a></div> <div class="field__item"><a href="/tag/certbot" hreflang="es">certbot</a></div> </div> </div> <section data-drupal-selector="comments" class="comments"> <h2 class="comments__title">Comentarios</h2> <div class="add-comment"> <div class="add-comment__form"> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=292&amp;2=field_comments&amp;3=comment" token="e2q1tlu9gNjnsY9-OEPJORmF6R9X08tqdM22YQUr6Hk"></drupal-render-placeholder> </div> </div> </section> Sat, 02 Sep 2017 10:34:20 +0000 keopx 292 at https://keopx.net Instalar certificados de Let's Encrypt - Free SSL/TLS Certificates en Debian / Ubuntu https://keopx.net/blog/instalar-certificados-de-lets-encrypt-free-ssltls-certificates-en-debian-ubuntu <span>Instalar certificados de Let&#039;s Encrypt - Free SSL/TLS Certificates en Debian / Ubuntu</span> <div class="text-content clearfix field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>Activamos ssl para apache:</p> <pre> <code class="language-bash">a2enmod ssl</code></pre><p>Añadimos a nuestro site la configuración correcta:</p> <pre> <code class="language-apache">... &lt;VirtualHost *:443&gt; ServerAdmin keopx@keopx.net ServerName www.keopx.net DocumentRoot /var/www/keopx.net/docroot &lt;Directory /var/www/keopx.net/docroot/&gt; # Options FollowSymLinks Options SymLinksIfOwnerMatch AllowOverride All Require all granted &lt;/Directory&gt; ErrorLog /var/log/apache2/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/access.log combined ServerSignature On SSLCertificateFile /etc/letsencrypt/live/www.keopx.net/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/www.keopx.net/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf &lt;/VirtualHost&gt; &lt;VirtualHost *:80&gt; ServerName keopx.net Redirect 301 / http://www.keopx.net/ &lt;/VirtualHost&gt; ....</code></pre><p>Procedemos a instalar <strong>letsencrypt:</strong></p> <pre> <code class="language-bash">cd /opt git clone https://github.com/certbot/certbot.git letsencrypt</code></pre><p>Configuramos <strong>letsencrypt</strong>:</p> <pre> <code class="language-bash">nano /etc/letsencrypt/keopx.ini</code></pre><pre> <code class="language-ini">authenticator = webroot webroot-path = /var/www/keopx.net/docroot renew-by-default agree-dev-preview agree-tos email = keopx@keopx.net</code></pre><p>Procedemos a crear el certificado (duran 3 meses):</p> <pre> <code class="language-bash">/opt/letsencrypt/certbot-auto --config /etc/letsencrypt/keopx.ini --user-agent letsencrypt-ubuntu-webroo -d www.keopx.net certonly</code></pre><p>Ahora es necesario reiniciar apache:</p> <pre> <code class="language-bash">service apache2 reload</code></pre><h2>Automatizar renovaciones automáticas:</h2> <p>crontab -e</p> <pre> <code class="language-bash">6 0 1 * * /opt/letsencrypt/certbot-auto --config /etc/letsencrypt/phpmyadmin.isarea.ini --user-agent letsencrypt-ubuntu-webroot -d phpmyadmin.isarea.com certonly &amp;&amp; service apache2 reload</code></pre><p> </p> </div> <span><span>keopx</span></span> <span><time datetime="2016-12-09T19:41:34+01:00" title="Viernes, Diciembre 9, 2016 - 19:41">Vie, 09/12/2016 - 19:41</time> </span> <div class="field field--name-field-tax-cat field--type-entity-reference field--label-above"> <div class="field__label">Categoria</div> <div class="field__items"> <div class="field__item"><a href="/categoria/letsencrypt" hreflang="es">letsencrypt</a></div> <div class="field__item"><a href="/categoria/sistemas" hreflang="es">Sistemas</a></div> <div class="field__item"><a href="/categoria/gnu-linux" hreflang="es">GNU Linux</a></div> <div class="field__item"><a href="/categoria/apache2" hreflang="es">Apache2</a></div> <div class="field__item"><a href="/categoria/debian" hreflang="es">Debian</a></div> <div class="field__item"><a href="/categoria/ubuntu" hreflang="es">Ubuntu</a></div> </div> </div> <div class="field field--name-field-tax-tag field--type-entity-reference field--label-above"> <div class="field__label">Tag</div> <div class="field__items"> <div class="field__item"><a href="/tag/ssl" hreflang="es">SSL</a></div> <div class="field__item"><a href="/tag/apache" hreflang="es">apache</a></div> <div class="field__item"><a href="/tag/sistemas" hreflang="es">Sistemas</a></div> <div class="field__item"><a href="/tag/gnu-linux" hreflang="es">GNU Linux</a></div> <div class="field__item"><a href="/tag/debian" hreflang="es">Debian</a></div> <div class="field__item"><a href="/tag/ubuntu" hreflang="es">Ubuntu</a></div> </div> </div> <section data-drupal-selector="comments" class="comments"> <h2 class="comments__title">Comentarios<span class="comments__count">1</span></h2> <div class="add-comment"> <div class="add-comment__form"> <drupal-render-placeholder callback="comment.lazy_builders:renderForm" arguments="0=node&amp;1=268&amp;2=field_comments&amp;3=comment" token="ViRdZ4E193bGeokwU7Vx3JhRTMv5dcCOesVVnXH3wco"></drupal-render-placeholder> </div> </div> <article data-comment-user-id="0" id="comment-2406" class="comment js-comment comment--level-1 by-anonymous" role="article" data-drupal-selector="comment"> <span class="hidden" data-comment-timestamp="1481529425"></span> <div class="comment__picture-wrapper"> <div class="comment__picture"> <div> </div> </div> </div> <div class="comment__text-wrapper"> <footer class="comment__meta"> <p class="comment__author"><a rel="nofollow" href="http://example.com">Anonymous (no verificado)</a></p> <p class="comment__time">hace 7 años 11 meses</p> </footer> <div class="comment__content"> <h3><a href="/comment/2406#comment-2406" class="permalink" rel="bookmark" hreflang="es">Muy bueno</a></h3> <div class="text-content field field--name-comment-body field--type-text-long field--label-hidden field__item comment__text-content"><p>Gracias tenía agendado hacer esto en mi web y todavía no lo había buscado. A los favoritos!</p> </div> <drupal-render-placeholder callback="comment.lazy_builders:renderLinks" arguments="0=2406&amp;1=default&amp;2=es&amp;3=" token="XKZRmaQE02eOBhDwVf2FSfXRCPk_vEfNYu7q-LsQSy4"></drupal-render-placeholder> </div> </div> </article> </section> Fri, 09 Dec 2016 18:41:34 +0000 keopx 268 at https://keopx.net