Différences

Ci-dessous, les différences entre deux révisions de la page.

Lien vers cette vue comparative

Les deux révisions précédentes Révision précédente
Prochaine révision
Révision précédente
user:domenge:certbot [2018/04/18 10:25]
domenge [Verificacion]
user:domenge:certbot [2018/04/18 10:34] (Version actuelle)
domenge [Verificacion]
Ligne 1: Ligne 1:
-====== ​CERBOT ​======+====== ​CERTBOT ​======
 [[https://​certbot.eff.org/​lets-encrypt/​ubuntutrusty-apache.html|Apache on Ubuntu 14.04 (trusty)]] [[https://​certbot.eff.org/​lets-encrypt/​ubuntutrusty-apache.html|Apache on Ubuntu 14.04 (trusty)]]
  
Ligne 10: Ligne 10:
 $ sudo apt-get update $ sudo apt-get update
 $ sudo apt-get install python-certbot-apache ​ $ sudo apt-get install python-certbot-apache ​
 +</​code>​
 +===== Enregament =====
 +<code bash>
 +$ sudo certbot run --apache -d sem.macarel.net -d macarel.net -d www.macarel.net -d ocloud.macarel.net -d vai.macarel.net
 +...
 +Saving debug log to /​var/​log/​letsencrypt/​letsencrypt.log
 +Plugins selected: Authenticator apache, Installer apache
 +Obtaining a new certificate
 +Performing the following challenges:
 +http-01 challenge for sem.macarel.net
 +http-01 challenge for macarel.net
 +http-01 challenge for www.macarel.net
 +http-01 challenge for ocloud.macarel.net
 +http-01 challenge for vai.macarel.net
 +Waiting for verification...
 +Cleaning up challenges
 +Deploying Certificate to VirtualHost /​etc/​apache2/​sites-enabled/​sem.conf
 +Deploying Certificate to VirtualHost /​etc/​apache2/​sites-enabled/​000-default-le-ssl.conf
 +Deploying Certificate to VirtualHost /​etc/​apache2/​sites-enabled/​000-default-le-ssl.conf
 +Deploying Certificate to VirtualHost /​etc/​apache2/​sites-enabled/​owncloud.conf
 +Deploying Certificate to VirtualHost /​etc/​apache2/​sites-enabled/​vai-le-ssl.conf
 +
 +Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
 +-------------------------------------------------------------------------------
 +1: No redirect - Make no further changes to the webserver configuration.
 +2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
 +new sites, or if you're confident your site works on HTTPS. You can undo this
 +change by editing your web server'​s configuration.
 +-------------------------------------------------------------------------------
 +Select the appropriate number [1-2] then [enter] (press '​c'​ to cancel): 1
 +
 +-------------------------------------------------------------------------------
 +Congratulations! You have successfully enabled https://​sem.macarel.net,​
 +https://​macarel.net,​ https://​www.macarel.net,​ https://​ocloud.macarel.net,​ and
 +https://​vai.macarel.net
 +
 +You should test your configuration at:
 +https://​www.ssllabs.com/​ssltest/​analyze.html?​d=sem.macarel.net
 +https://​www.ssllabs.com/​ssltest/​analyze.html?​d=macarel.net
 +https://​www.ssllabs.com/​ssltest/​analyze.html?​d=www.macarel.net
 +https://​www.ssllabs.com/​ssltest/​analyze.html?​d=ocloud.macarel.net
 +https://​www.ssllabs.com/​ssltest/​analyze.html?​d=vai.macarel.net
 +-------------------------------------------------------------------------------
 +
 +IMPORTANT NOTES:
 + - Congratulations! Your certificate and chain have been saved at:
 +   /​etc/​letsencrypt/​live/​sem.macarel.net-0001/​fullchain.pem
 +   Your key file has been saved at:
 +   /​etc/​letsencrypt/​live/​sem.macarel.net-0001/​privkey.pem
 +   Your cert will expire on 2018-07-17. To obtain a new or tweaked
 +   ​version of this certificate in the future, simply run certbot again
 +   with the "​certonly"​ option. To non-interactively renew *all* of
 +   your certificates,​ run "​certbot renew"
 + - If you like Certbot, please consider supporting our work by:
 +
 +   ​Donating to ISRG / Let's Encrypt: ​  ​https://​letsencrypt.org/​donate
 +   ​Donating to EFF:                    https://​eff.org/​donate-le
 +...
 </​code>​ </​code>​
 ===== Verificacion ===== ===== Verificacion =====
-https://​www.ssllabs.com/​ssltest/​analyze.html?​d=**www.macarel.net**+<code bash> 
 +$ sudo certbot certificates 
 +Saving debug log to /​var/​log/​letsencrypt/​letsencrypt.log 
 + 
 +------------------------------------------------------------------------------- 
 +Found the following certs: 
 +  Certificate Name: sem.macarel.net 
 +    Domains: sem.macarel.net ocloud.macarel.net osca-oc.org vai.macarel.net www.macarel.net 
 +    Expiry Date: 2018-07-17 05:​56:​28+00:​00 (VALID: 89 days) 
 +    Certificate Path: /​etc/​letsencrypt/​live/​sem.macarel.net/​fullchain.pem 
 +    Private Key Path: /​etc/​letsencrypt/​live/​sem.macarel.net/​privkey.pem 
 +  Certificate Name: sem.macarel.net-0001 
 +    Domains: sem.macarel.net macarel.net ocloud.macarel.net vai.macarel.net www.macarel.net 
 +    Expiry Date: 2018-07-17 08:​39:​08+00:​00 (VALID: 89 days) 
 +    Certificate Path: /​etc/​letsencrypt/​live/​sem.macarel.net-0001/​fullchain.pem 
 +    Private Key Path: /​etc/​letsencrypt/​live/​sem.macarel.net-0001/​privkey.pem 
 +------------------------------------------------------------------------------- 
 +</​code>​ 
 +==== Validacion ==== 
 + 
 +https://​www.ssllabs.com/​ssltest/​analyze.html?​d=**www.macarel.net**\\ 
 [[https://​www.ssllabs.com/​ssltest/​analyze.html?​d=www.macarel.net|SSL LABS verifica lo ligam securizat]] [[https://​www.ssllabs.com/​ssltest/​analyze.html?​d=www.macarel.net|SSL LABS verifica lo ligam securizat]]