The Apache docs would be a good place to consult for this question.
Here details on Apache can be found in documentation and forums:
root@sk1:/home/bitrix/script# certbot certonly --manual
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel): bx.btasia.ru
Certificate not yet due for renewal
You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/bx.btasia.ru.conf)
What would you like to do?
1: Keep the existing certificate for now
2: Renew & replace the certificate (may be subject to CA rate limits)
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Renewing an existing certificate for bx.btasia.ru
Create a file containing just this data:
tUk2RlP7nfDKG-PwuKBodHX-36FyBWG_WYBje6dKFvI.AIObjWsm3aUJqY-W_X_qCnESOQVtJmr9I1hZIGbVGxU
And make it available on your web server at this URL:
http://bx.btasia.ru/.well-known/acme-challenge/tUk2RlP7nfDKG-PwuKBodHX-36FyBWG_WYBje6dKFvI
Press Enter to Continue
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/bx.btasia.ru/fullchain.pem
Key is saved at: /etc/letsencrypt/live/bx.btasia.ru/privkey.pem
This certificate expires on 2024-11-03.
These files will be updated when the certificate renews.
I was able to create certificates and run express server on them, without redirecting to apache, but I still get a message that the site is not secure. Is it because the domain is not working now?
Let’s Encrypt offers Domain Validation (DV) certificates; and NOT Certificates for IP Addresses presently.
Got it, then when I set up redirection in apache, everything should work?
There are many ways to "set up redirection in apache
", I can say that they are not all equal.
If you are going to redirect to an IP, it will not match the [FQDN] name on the cert.
As for "everything should work"...
It is difficult to clearly understand what all you are even asking about that should then be working.
It is, however, clear to me that the renewals have not been setup to be automated; So, that part is definitely not as I would like it to be working.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.