Thread: Free SSL + Install Tutorial

Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 24
  1. #11  
    aaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaa
    Planets's Avatar
    Join Date
    Aug 2014
    Age
    29
    Posts
    2,159
    Thanks given
    673
    Thanks received
    1,955
    Rep Power
    5000
    Quote Originally Posted by jacob3175 View Post
    but what you posted about the cert bot was wrong...
    explain to me what was wrong? i'm genuinely confused

    Reply With Quote  
     

  2. #12  
    aaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaa
    Planets's Avatar
    Join Date
    Aug 2014
    Age
    29
    Posts
    2,159
    Thanks given
    673
    Thanks received
    1,955
    Rep Power
    5000
    Quote Originally Posted by jacob3175 View Post
    then note that its a cron task you make it look like your are doing it from ssh you didnt even add half the task need to do before setting the job...
    It's all "from ssh", i prefaced my post with "if you manage your own webserver"...

    Reply With Quote  
     

  3. #13  
    aaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaa
    Planets's Avatar
    Join Date
    Aug 2014
    Age
    29
    Posts
    2,159
    Thanks given
    673
    Thanks received
    1,955
    Rep Power
    5000
    Quote Originally Posted by jacob3175 View Post
    you CAN NOT add a key and CRT from the SSH lmao you have to upload them manually as a .txt file...
    i think the millions of certbot users would like a word with you

    Quote Originally Posted by jacob3175 View Post
    umm where do you think you are putting the commands in at??
    Attached image

    Reply With Quote  
     

  4. #14  
    aaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaa
    Planets's Avatar
    Join Date
    Aug 2014
    Age
    29
    Posts
    2,159
    Thanks given
    673
    Thanks received
    1,955
    Rep Power
    5000
    whats your point, certbot obtains them from letsencrypt automatically and places them there

    Quote Originally Posted by Leao View Post
    These free SSL certificates most of them is full of vulnerabilities.
    Attached image

    then jesus christ the internet is in trouble!

    Reply With Quote  
     

  5. #15  
    aaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaa
    Planets's Avatar
    Join Date
    Aug 2014
    Age
    29
    Posts
    2,159
    Thanks given
    673
    Thanks received
    1,955
    Rep Power
    5000
    Quote Originally Posted by Leao View Post
    The internet isn't in trouble, but most of the sites are.
    From 10 commom sites (not from big corporations) 7 has a vulnerability.
    what relation does that have to letsencrypt certificates

    Quote Originally Posted by jacob3175 View Post
    I mean my point is that you didnt even read it...
    might want yo fix your own SSL before you come on here saying you know everything... does not look so good that you cant even set your common names right...
    we dont have a www cname record active

    you havent addressed anything that you said was wrong with the tutorial i added on..

    Reply With Quote  
     

  6. #16  
    aaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaa
    Planets's Avatar
    Join Date
    Aug 2014
    Age
    29
    Posts
    2,159
    Thanks given
    673
    Thanks received
    1,955
    Rep Power
    5000
    Quote Originally Posted by jacob3175 View Post
    why are you even going on other peoples tutorials anyway? 90% of the things I do on here you always have to stir the pot. Make your own tutorial.
    because there's no sense making a new thread that is for the same thing? you quoted my post and i replied?

    still waiting for you to tell me what's wrong with the tutorial i posted and why it wont work

    Reply With Quote  
     

  7. #17  
    Respected Member


    Polar's Avatar
    Join Date
    Sep 2015
    Age
    28
    Posts
    420
    Thanks given
    0
    Thanks received
    418
    Rep Power
    3098
    Quote Originally Posted by jacob3175 View Post
    If you going to add things to a tut be sure you are adding everything. You also have to upload the crt and the keys. also you didnt show how to pull the key and crt from the bot or root file. Making a post like this can confuse people. Not sure why you added the renew command seeing as that should be in the cron job list every 60 days.
    If you use the command line tool you don't have to upload anything. Even the official tutorial basically runs exactly what sub said.

    https://certbot.eff.org/#ubuntutyakkety-apache

    Even the link you posted in a later post shows where the certs go to. Here's the (nginx) config I had for my old serv, notice that it references exactly what your later posts say. I'm not sure why you say you have to upload anything and then post a link to the docs that shows where the certs go after running the command to get a cert.

    Code:
    server {
        listen 443 ssl http2 default_server;
    
        ssl_certificate /etc/letsencrypt/live/zanadra.com/cert.pem;
        ssl_certificate_key /etc/letsencrypt/live/zanadra.com/privkey.pem;
    
        root /var/www/temporary;
    
        # Add index.php to the list if you are using PHP
        index index.php index.html index.htm index.nginx-debian.html;
    
        server_name www.zanadra.com;
    
        # add Strict-Transport-Security header to tell browsers to always use ssl
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    
        # static file configuration
        location ~* .(gif|jpg|jpeg|png|ico|wmv|3gp|avi|mpg|mpeg|mp4|flv|mp3|mid|js|css|wml|swf)$ {
            expires max;
            add_header Pragma public;
            add_header Cache-Control "public, must-revalidate, proxy-revalidate";
            access_log off;
        }
    
        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        location ~ \.php$ {
            include snippets/fastcgi-php.conf;
            fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        }
    
        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        location ~ /\.ht {
            deny all;
        }
    }
    Reply With Quote  
     

  8. Thankful users:


  9. #18  
    aaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaa
    Planets's Avatar
    Join Date
    Aug 2014
    Age
    29
    Posts
    2,159
    Thanks given
    673
    Thanks received
    1,955
    Rep Power
    5000
    Quote Originally Posted by jacob3175 View Post
    1. you are posting on a non certbot ssl install tut

    2. you give an incomplete tut

    3. you should link them to the certbot site so they can get the right commands for their server. Click here for the link

    4. you didnt go in to the lost key revory set up

    5. you didnt show/explain http:// - https:// rewrite settings that they will be prompted to fill in.

    Do I need to keep going? cron time set(when to run the job)... 90 day validity...
    1. your tutorial is titled free ssl and install, is that not what the tutorial i posted does?
    2. whats incomplete (i did say example)
    3. i said its for debian/ubuntu, the process isnt very different for any common server os
    4. revory? what? i assume you mean recovery, which wouldnt be part of an INSTALLATION tutorial
    5. because it didnt need explaining, if they are managing their own webserver i assume they have a basic grasp of what they are doing
    6. the last two commands are setting a cron job to renew the certificate


    i wasnt claiming to have written a comprehensive tutorial on how to secure your webserver

    i was questioning what in the content i did write wont work?

    Reply With Quote  
     

  10. #19  
    Registered Member

    Join Date
    Jan 2016
    Posts
    59
    Thanks given
    8
    Thanks received
    193
    Rep Power
    800
    I thought I'd let you know that this needs to be manually renewed every three months considering that is the lifetime for Let's Encrypt certificates.
    I've left the RSPS scene. If you need to get any work done reach out to my friend 'savions.sw' on Skype.
    Reply With Quote  
     

  11. #20  
    Banned

    Join Date
    Nov 2014
    Posts
    611
    Thanks given
    180
    Thanks received
    156
    Rep Power
    0
    Jesus christ this community went to shit...

    Jacob, thanks for the tutorial, pretty sure people will find it useful.
    Substance, thanks for adding on-to the tutorial.

    Tip: Use cloudflare for your SSL, you'll have DDoS protection and analytics aswell, all for free.
    Reply With Quote  
     

  12. Thankful user:


Page 2 of 3 FirstFirst 123 LastLast

Thread Information
Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)


User Tag List

Similar Threads

  1. Replies: 14
    Last Post: 08-11-2011, 07:21 PM
  2. Replies: 1
    Last Post: 06-22-2011, 11:15 AM
  3. Replies: 0
    Last Post: 06-11-2011, 04:19 PM
  4. Replies: 6
    Last Post: 06-25-2010, 12:59 PM
  5. Replies: 5
    Last Post: 04-18-2010, 08:39 AM
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •