yuu_nkjm blog
メニュー
検索
タグクラウド
- .htaccess
- Apache
- CMS
- Cisco
- DF
- Eclipse
- Firefox
- FreeSoft
- Java
- KVM
- LVM
- Linux
- MSOffice
- MySQL
- Network
- PHP
- Postfix
- Pukiwiki
- R言語
- SVN
- Samba
- TeX
- Troubleshooting
- VirtualBox
- Webアプリ
- Windows
- Windows 7 (64bit)
- X11
- Xming
- backup
- bash
- bat
- coLinux
- command
- find
- grep
- misc
- openSUSE
- ssh
- syslog
- tDiary
- サーバまとめ
- 出張
- 和食
- 岩波書店
- 技術書
- 物語
- 研究
- 読書ログ
- 食べログ
全カテゴリ
全カテゴリ | .htaccess |
32bit-64bit |
AWS |
Acrobat |
Android |
Ant |
Apache |
Aptana |
B4課題 |
BenchMark |
Buffalo |
C/C++ |
CMS |
CSS |
CakePHP |
Chef |
Chrome |
Cisco |
CitySim |
DF |
DNS |
DTD |
EaseUS |
Eclipse |
Excel |
FTP |
Fedora 6-7 |
Firefox |
FreeSoft |
GDocs |
Ghostscript |
GitHub |
Google |
Gparted |
H2 |
HTML5 |
HW |
Hatena |
IntelliJ |
JMeter |
JSON-RPC |
JVM |
Java |
Java8 |
JavaScript |
Jenkins |
KVM |
Kawa |
Kindle |
Knoppix |
LVM |
Langrid |
Language |
Links |
Linkstation |
Linux |
LinuxDesktop |
LinuxLanguage |
Linuxお引っ越し |
Lucene |
MABS |
MATSim |
MSOffice |
Maven |
Monit |
MySQL |
NLP |
Network |
Nexus |
OSM |
PDF |
PDIC |
PHP |
POSIX |
PhpStorm |
Polycom |
Postfix |
Postgress |
PowerDirector |
Profiler |
Programming |
PuTTY |
Pukiwiki |
Python |
RDBMS |
RHEL |
Research |
Ruby |
R言語 |
SQL |
SQLite |
SSD |
SSL |
SUMO |
SVN |
Samba |
ScanSnap |
Scheme |
Scrap |
Script |
Servlet |
Shell |
Skype |
SoftwareDevelopment |
Spring |
Stone |
SugarSync |
Swing |
TFTP |
TeX |
Tomcat |
Troubleshooting |
Tweet |
UPS |
UWSC |
Vagrant |
VirtualBox |
WebDav |
WebSite |
Webアプリ |
Wikipedia |
Windows |
Windows 7 (64bit) |
Windows 8 |
Windows10 |
WindowsServer2003 |
Windowsお引っ越し |
Windowsまとめ |
WishList |
WordPress |
X10 |
X11 |
XAMPP |
XML |
Xming |
YOLP |
YaST |
apply |
arp |
awk |
backup |
bash |
bat |
bcdedit |
bind |
blog |
book |
boot |
bootrec |
bundler |
coLinux |
command |
cron |
curl |
dd |
diskpart |
dropbox |
dviout |
fail2ban |
find |
fml |
gdb |
gem |
git |
grep |
grub |
https |
iPad/iPodTouch/iPhone |
iptables |
jQuery |
jad |
joomla |
letsencrypt |
locate |
log4j |
logrotate |
logwatch |
lsof |
man |
misc |
mod_rewrite |
mount |
netstat |
nkf |
nmb |
ntldr |
nyaos |
openSUSE |
perl |
pgrep |
php |
ping |
pkill |
python |
route |
rsync |
sakura |
sed |
squid |
ssh |
sudo |
svn |
syslog |
tDiary |
tail |
taskkill |
tcpdump |
telnet |
update-alternatives |
w2box |
wget |
wmic |
xargs |
xdebug |
zypper |
お友達 |
お名前.com VPS (KVM) |
お引っ越し |
サーバまとめ |
ネタ |
フレンチ |
プロファイラ |
リフレクション |
リンク |
レビュー |
人文 |
例外 |
先斗町 |
出張 |
助成 |
動画編集 |
吉田さかみち |
和食 |
岩波書店 |
技術書 |
料理 |
新潮社 |
物語 |
生活 |
百万遍 |
研究 |
読書ログ |
講談社 |
電子書籍 |
食べログ
カレンダー
更新情報
2016-08-24(Wed) 編集
[letsencrypt][SSL][https][cron][openSUSE][Apache] Letsencrypt
How to set up letsencrypt on OpenSUSE 13.2 (Tutorial) - Server - Let's Encrypt Community Supportの通りでほぼOKだった.
差分
エラー
Directory '/etc/apache2/sites-enabled' does not exist. Please ensure that the values for --apache-handle-sites and --apache-server-root are correct for your environment.
というエラーが出たときは,"ln -s /etc/apache2/vhost /etc/apache2/sites-enabled"で,解消した.
VirtualHost設定の重複を削除
重複部分を切り出して,includeすればOK
SSLEngine on SSLCertificateFile /etc/letsencrypt/live/.... SSLCertificateKeyFile /etc/letsencrypt/.... Include /etc/apache2/vhosts.d/nkjmlab.org.ini Include /etc/apache2/vhosts.d/nkjmlab.org.ini
コマンドログ
cd /root
zypper in git
git clone https://github.com/letsencrypt/letsencrypt
emacs /etc/letsencrypt/conf/nkjmlab.org.ini
rsa-key-size = 4096
email = myaddress@example.com
authenticator = webroot
webroot-path = /srv/www/vhosts/nkjmlab.org
domain = nkjmlab.org
cd /root/letsencrypt
/root/letsencrypt/letsencrypt-auto certonly -c /etc/letsencrypt/conf/nkjmlab.org.ini
cp -a /etc/apache2/vhosts.d/nkjmlab.org.conf /etc/apache2/vhosts.d/nkjmlab.org-ssl.conf
emacs /etc/apache2/vhosts.d/nkjmlab.org-ssl.conf
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/nkjmlab.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/nkjmlab.org/privkey.pem
yast -> sysconfig editor
APACHE_MODULES="[...] ssl [...]"
APACHE_SERVER_FLAGS="SSL"
service apache2 restart
# 全ドメインの証明書を更新するスクリプトををcronで回す.
emacs /etc/cron.monthly/letsencrypt.sh
/root/letsencrypt/letsencrypt-auto renew --force-renew
/usr/sbin/service apache2 restart
chmod +x /etc/cron.monthly/letsencrypt.sh
[ツッコミを入れる]