|
If you use the command line tool you don't have to upload anything. Even the official tutorial basically runs exactly what sub said.
https://certbot.eff.org/#ubuntutyakkety-apache
Even the link you posted in a later post shows where the certs go to. Here's the (nginx) config I had for my old serv, notice that it references exactly what your later posts say. I'm not sure why you say you have to upload anything and then post a link to the docs that shows where the certs go after running the command to get a cert.
Code:server { listen 443 ssl http2 default_server; ssl_certificate /etc/letsencrypt/live/zanadra.com/cert.pem; ssl_certificate_key /etc/letsencrypt/live/zanadra.com/privkey.pem; root /var/www/temporary; # Add index.php to the list if you are using PHP index index.php index.html index.htm index.nginx-debian.html; server_name www.zanadra.com; # add Strict-Transport-Security header to tell browsers to always use ssl add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; # static file configuration location ~* .(gif|jpg|jpeg|png|ico|wmv|3gp|avi|mpg|mpeg|mp4|flv|mp3|mid|js|css|wml|swf)$ { expires max; add_header Pragma public; add_header Cache-Control "public, must-revalidate, proxy-revalidate"; access_log off; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/run/php/php7.0-fpm.sock; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~ /\.ht { deny all; } }
1. your tutorial is titled free ssl and install, is that not what the tutorial i posted does?
2. whats incomplete (i did say example)
3. i said its for debian/ubuntu, the process isnt very different for any common server os
4. revory? what? i assume you mean recovery, which wouldnt be part of an INSTALLATION tutorial
5. because it didnt need explaining, if they are managing their own webserver i assume they have a basic grasp of what they are doing
6. the last two commands are setting a cron job to renew the certificate
i wasnt claiming to have written a comprehensive tutorial on how to secure your webserver
i was questioning what in the content i did write wont work?
I thought I'd let you know that this needs to be manually renewed every three months considering that is the lifetime for Let's Encrypt certificates.
Jesus christ this community went to shit...
Jacob, thanks for the tutorial, pretty sure people will find it useful.
Substance, thanks for adding on-to the tutorial.
Tip: Use cloudflare for your SSL, you'll have DDoS protection and analytics aswell, all for free.
« Previous Thread | Next Thread » |
Thread Information |
Users Browsing this ThreadThere are currently 1 users browsing this thread. (0 members and 1 guests) |