Changes

Changes

186 bytes removed , 15:34, 4 January 2016

→‎Renewal of the certificates: call script with scl enable python27, removed scl lines from script

Line 107: Line 107:

As part of the security of Letsencrypt the certificates must be renewed every 3 months.

−

The following script will automatically renew your certificate. Save it in a convenient place, for example, /opt/letsencrypt-renew.sh~~;don't forget~~ to chmod +x ~~the file~~

The following script will automatically renew your certificate. Save it in a convenient place, for example, /opt/letsencrypt-renew.sh, and make sure to make it executable (chmod +x).

#!/bin/bash

−

~~source /opt/rh/python27/enable~~

−

~~export X_SCLS="`scl enable python27 'echo $X_SCLS'`"~~

/sbin/service httpd-e-smith stop

/opt/letsencrypt/letsencrypt-auto certonly --standalone --renew-by-default --email me@mydomain.co.uk \

Line 119: Line 117:

/sbin/e-smith/signal-event ibay-modify

−

~~{{Note box| The above commands~~ enable ~~Python 2~~.~~7, but do not disable it again. In general we need to examine the effect of using SCL Python 2.7 on production servers where the default Python version is being used.}}~~

Call this script by running

# scl enable python27 '/opt/letsencrypt-renew.sh'

You may want to set this up as a cron job to run every two months, to make sure your certificate doesn't expire. Please see '''[[Crontab_Manager]]''' contrib for an easy way to achieve this. Or, to set this from the command line, do the following:

Line 128: Line 127:

The following example will run the renewal script at 22:48 on the third of every other month (Jan, Mar, May, etc.):

−

48 22 3 */2 * root /opt/letsencrypt-renew.sh

48 22 3 */2 * root scl enable python27 '/opt/letsencrypt-renew.sh'

then expand and restart

DanB35

147

edits

Retrieved from "https://wiki.koozali.org/Special:MobileDiff/30061"

Letsencrypt (view source)

Revision as of 15:34, 4 January 2016

Navigation menu

Search