blog/public/administration/letsencrypt/index.html

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en-us">
<head>
  <title>
    Let&#39;s Encrypt // Hagfi.sh
  </title>

  <link href="http://gmpg.org/xfn/11" rel="profile">
<meta http-equiv="content-type" content="text/html; charset=utf-8">


<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1">

<meta name="description" content="">
<meta name="keywords" content="">
<meta name="author" content="Olivier De Ram">
<meta name="generator" content="Hugo 0.92.0" />

  <meta property="og:title" content="Let&#39;s Encrypt" />
<meta property="og:description" content="" />
<meta property="og:type" content="website" />
<meta property="og:locale" content="en_US" />
<meta property="og:url" content="https://blog.hagfi.sh/administration/letsencrypt/" />


  
  <link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/pure/0.5.0/base-min.css">
  <link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/pure/0.5.0/pure-min.css">
  
  
    <link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/pure/0.5.0/grids-responsive-min.css">
  
  

  <link rel="stylesheet" href="https://blog.hagfi.sh//css/redlounge.css">
  <link rel="stylesheet" href="https://blog.hagfi.sh//css/prism.css">
  <link href="//maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css" rel="stylesheet">
  <link href='//fonts.googleapis.com/css?family=Raleway:400,200,100,700,300,500,600,800' rel='stylesheet' type='text/css'>
  <link href='//fonts.googleapis.com/css?family=Libre+Baskerville:400,700,400italic' rel='stylesheet' type='text/css'>

  
  <link rel="apple-touch-icon-precomposed" sizes="144x144" href="/touch-icon-144-precomposed.png">
  <link rel="shortcut icon" type="image/x-icon" href="/img/favicon.png">

  
  <link href="" rel="alternate" type="application/rss+xml" title="Hagfi.sh" />

  <script src="//cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/moment.js"></script>
  <script src="//cdnjs.cloudflare.com/ajax/libs/vue/2.5.17/vue.min.js"></script>
  <script src="//cdnjs.cloudflare.com/ajax/libs/axios/0.18.0/axios.min.js"></script>
  <script src="//cdnjs.cloudflare.com/ajax/libs/fuse.js/3.2.1/fuse.min.js"></script>
  <script src="//cdn.jsdelivr.net/npm/vuewordcloud@18.7.11/VueWordCloud.js"></script>
  <script src="https://blog.hagfi.sh//js/prism.js"></script>
  

  

  

  
<script type="application/javascript">
var doNotTrack = false;
if (!doNotTrack) {
	(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
	(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
	m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
	})(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
	ga('create', 'UA-124890410-1', 'auto');
	
	ga('send', 'pageview');
}
</script>

  
</head>

<body>
	

	<div id="layout" class="pure-g">
    <div class="sidebar pure-u-1 pure-u-md-1-4" id="app">
  <div class="header">
    

	

    <h1 class="brand-title"><a href="/">Hagfi.sh</a></h1>
    <h2 class="brand-tagline">A devops guide to the galaxy</h2>

    <div class="counters">
      <a class="counter" href="/">13
        <div class="counter-sub">Documents</div>        
      </a>
      <a class="counter" href="/tags">29
        <div class="counter-sub">Tags</div>        
      </a>
      <a class="counter" href="/categories">3
        <div class="counter-sub">Categories</div>  
      </a>
    </div>

    <nav class="nav">
      
    </nav>

    <div class="search-wrapper">
      <input 
        type="text" 
        placeholder="Search ..." 
        v-model="search" 
        @keydown.down.prevent="navigate(1)" 
        @keydown.up.prevent="navigate(-1)" 
        @keyup.enter.prevent="navigate(result[selected].href)"
        ref="searchInput"
        class="search"
      />
      
      <svg height="100" width="100" ref="resultPoint" class="result-point">
        <circle cx="5" cy="5" r="5" fill="#FFF" />
      </svg>

      <ul class="result-items">
        <li v-for="r, i of result" class="result-item" ref="resultItem">
          <div class="result-item-wrapper" :class="{ 'result-item-selected': selected === i }">
            <div class="result-item-left">
              <span class="post-date">
                <span class="post-date-day"><sup v-text="moment(r.date).format('D')"></sup></span><span class="post-date-separator" v-text="'/'"></span><span class="post-date-month" v-text="moment(r.date).format('MMM')"></span> <span class="post-date-year" v-text="moment(r.date).format('YYYY')"></span>
              </span>
                <template v-if="r.author">By <a class="post-author" v-text="r.author"></a></template>
            </div>
            <div class="result-item-left">
              <span class="result-item-separator nav-item-separator" v-text="'//'"></span><a :href="r.href" v-text="r.title" class="result-item-link"></a>
            </div>
          </div>
        </li>
      </ul>
    </div>

    

  </div>
</div>

	
	

    <div class="content pure-u-1 pure-u-md-3-4">
		<a name="top"></a>
		

		
			
		    <div id="toc" class="pure-u-1 pure-u-md-1-4">
				<small class="toc-label">Contents</small>
		   	 	<nav id="TableOfContents">
  <ul>
    <li><a href="#lets-encrypt">Let&rsquo;s Encrypt:</a>
      <ul>
        <li><a href="#apache--httpd">Apache / httpd</a></li>
        <li><a href="#nginx">Nginx</a></li>
      </ul>
    </li>
  </ul>
</nav>
		    </div>
		    
	    
  		<section class="post">
            <h1 class="post-title">
              <a href="/administration/letsencrypt/">Let&#39;s Encrypt</a>
            </h1>
            <h3 class="post-subtitle">
            	
            </h3>
            
            	<span class="post-date">
                	<span class="post-date-day"><sup>25</sup></span><span class="post-date-separator">/</span><span class="post-date-month">Aug</span> <span class="post-date-year">2018</span>
            	</span>
            	
            
            	
            		<span class="post-author-single">By <a class="post-author"  target="">Olivier De Ram</a></span>
            		




            	
            

			
			

			

			

            <h2 id="lets-encrypt">Let&rsquo;s Encrypt:</h2>
<ul>
<li>Aanmaken / vernieuwen certificaat:</li>
</ul>
<pre tabindex="0"><code>/opt/letsencrypt/letsencrypt-auto certonly
	--expand
	---email support@domain.tld
	--agree-tos
	--webroot
	-w /var/www/vhosts/WEB/ROOT
	-d domain.tld
	-d domainalias.tld
	--dry-run
</code></pre><pre tabindex="0"><code>/bin/certbot
	--text
	--agree-tos
	--non-interactive
	certonly
	-a 	webroot
	--webroot-path 	/var/www/vhosts/WEB/ROOT
	-d 	domain.tld
	-d 	domainalias.tld
	--dry-run
</code></pre><p><code>--dry-run</code> om het aanmaken te testen.</p>
<h3 id="apache--httpd">Apache / httpd</h3>
<ul>
<li>(1) Voeg volgende regels toe aan de apache config:</li>
</ul>
<pre tabindex="0"><code>Alias /.well-known /var/www/vhosts/letsencrypt/.well-known
&lt;Directory /var/www/vhosts/letsencrypt/.well-known&gt;
  order allow,deny
  allow from all
  satisfy any
&lt;/Directory&gt;
</code></pre><ul>
<li>Of (2) voeg volgende regels toe aan .htaccess:</li>
</ul>
<pre tabindex="0"><code>&lt;IfModule mod_rewrite.c&gt;    
  RewriteEngine on
  #Allow Let's Encrypt SSL renewal
  RewriteRule ^.well-known/ - [L,NC]
  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/
  RewriteRule ^/?(.*)        https://%{SERVER_NAME}/$1 [R=301,L]
</code></pre><ul>
<li>Combineer Basic Auth met Let&rsquo;s Encrypt:<br>
<em>Dit moet je bekijken ale een if/else. (Ofwel valid-user ofwel REQUEST_URI)</em></li>
</ul>
<pre tabindex="0"><code>      &lt;Directory /var/www/vhosts/WEB/ROOT&gt;
        AuthType Basic
        AuthName protected
        AuthUserFile /etc/httpd/passwd/phpmyadmin.htpasswd
        require valid-user
        Require expr %{REQUEST_URI} =~ m#^/.well-known/acme-challenge/.*#
      &lt;/Directory&gt;
</code></pre><h3 id="nginx">Nginx</h3>
<ul>
<li>Voeg volgende regels toe aan Nginx</li>
</ul>
<pre tabindex="0"><code>  location /.well-known {
    root      /var/www/vhosts/WEB/ROOT;
    index     index.html index.htm index.php;
  }
</code></pre><ul>
<li></li>
</ul>
<ul>
<li>Controleer DNS lijst domeinen:</li>
</ul>
<pre tabindex="0"><code>while read LINE;
do
	echo $LINE &gt;&gt; list_processed.txt &amp;&amp; dig +short @9.9.9.9 $LINE &gt;&gt; list_processed.txt;
done &lt; list.txt
</code></pre><ul>
<li>(WIP)</li>
</ul>
<pre tabindex="0"><code>#!/bin/bash

#IP=&lt;%= @default_ipadress %&gt;
IP=$(dig +short @9.9.9.9 $(hostname))
FILE=$1

while read LINE
do
	CHK=$(dig +short @9.9.9.9 $LINE)
	if $IP -eq $CHK
		echo &quot;$LINE|$CHK&quot; &gt;&gt; /tmp/le-ok
	elif
		echo &quot;$LINE|$CHK&quot; &gt;&gt; /tmp/le-nok
	fi
done &lt; $FILE

echo &quot;Domains OK:&quot;
echo /tmp/le-ok | column
echo &quot;-------------------------------&quot;
echo &quot;Domains NOT OK:&quot;
echo /tmp/le-nok | column

rm -rf /tmp/le-ok
rm -rf /tmp/le-nok
</code></pre>
	
			

			

			
				<div class="paging">
					<span class="paging-label">More Reading</span>
					
					<div class="paging-newer">
						<span class="dark-red">Newer</span><span class="decorative-marker">//</span>
						<a class="paging-link" href="/administration/mysql_tuner/">MySQL Tuner</a>
		            </div>
		            

					
					<div class="paging-older">
						<span class="dark-red">Older</span><span class="decorative-marker">//</span>
			            <a class="paging-link" href="/development/live-search-with-hugo/">Live Search With HUGO</a>
		            </div>
		            
	            </div>
            
          </section>
          
          	<div id="disqus_thread"></div>
<script type="application/javascript">
    var disqus_config = function () {
    
    
    
    };
    (function() {
        if (["localhost", "127.0.0.1"].indexOf(window.location.hostname) != -1) {
            document.getElementById('disqus_thread').innerHTML = 'Disqus comments not available by default when the website is previewed locally.';
            return;
        }
        var d = document, s = d.createElement('script'); s.async = true;
        s.src = '//' + "hagfish" + '.disqus.com/embed.js';
        s.setAttribute('data-timestamp', +new Date());
        (d.head || d.body).appendChild(s);
    })();
</script>
<noscript>Please enable JavaScript to view the <a href="https://disqus.com/?ref_noscript">comments powered by Disqus.</a></noscript>
<a href="https://disqus.com" class="dsq-brlink">comments powered by <span class="logo-disqus">Disqus</span></a>
          
        
      <div class="footer">
	<hr class="thin" />
	<div class="pure-menu pure-menu-horizontal pure-menu-open">
		<ul class="footer-menu">
		
		</ul>
	</div>

	<p>&copy; 2022. All rights reserved.</p>
</div>
    </div>
  </div>
	

	

  <script>
var app = new Vue({
  el: '#app',
  data: {
    fuse: null,
    search: "",
    result: [],
    index: [],
    selected: 0
  },
  mounted() {
    let self = this

    
    window.addEventListener("keypress", function(e) {
      self.$refs.searchInput.focus()
    })

    let options = {
      shouldSort: true,
      threshold: 0.6,
      location: 0,
      distance: 100,
      maxPatternLength: 32,
      minMatchCharLength: 1,
      keys: [
        "title",
        "author",
        "date",
        "content"
      ]
    }
    axios.get('/index.json')
    .then(function (response) {
      self.index = response.data
      self.fuse = new Fuse(response.data, options)      
    })
    .catch(function (error) {      
    })
  },
  watch: {
    result(nval, oval) {
      nval.length > 0 ? this.pointer(0) : this.pointer(-1)      
    },
    search(nval, oval) {
      this.result = this.fuse.search(nval)      
    }
  },
  methods: {
    navigate(val) {
      switch (val) {
        case  1: if (this.selected < this.result.length - 1) { this.selected++ }; break;
        case -1: if (this.selected > 0 )                     { this.selected-- }; break; 
        default: window.location.href = val; break;
      }
      this.pointer(this.selected)      
    },
    pointer(selected) {
      let self = this

      if (selected >= 0) {        
        Vue.nextTick().then(function() {          
          let height = self.$refs.resultItem[selected].clientHeight
          let top    = self.$refs.resultItem[selected].getBoundingClientRect().top
          let left   = self.$refs.resultItem[selected].getBoundingClientRect().left

          self.$refs.resultPoint.style.top      = (top+height/2)+'px'
          self.$refs.resultPoint.style.left     = (left-20)+'px'          
        })
      } else {        
        this.$refs.resultPoint.style.left = '-50px'
        return
      }
    }
  }
})
</script>
</body>
</html>