For some time, I have been hosting about 10 sites unencrypted. But since people other than just myself will be using my squirrelmail, I decided to encrypt my server. I had delayed it simply because keys are too expensive to buy, but now I learned about LetsEncrypt.org and have been working in that direction.
So far, I moved two websites over to this server, example.com and example.info. My first test of the LetsEncrypt software was of the form of:
# letsencrypt-auto -apache -d example.com
but I ran into a caveat with www.example.com not being accepted. I decided to re-run with the other domain included as well, so I did the remaining three combinations:
#letsencrypt-auto -apache -d www.example.com -d example.info -d www.example.info
The conf files for the sites are fairly straight-forward in my mind. There are four of them:
#/etc/apache2/sites-available/80-example.com
<IfModule mod_ssl.c>
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/example.com/public_html/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerName example.com
ServerAlias www.example.com
</VirtualHost>
</IfModule>
#/etc/apache2/sites-available/443-example.com
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@xxxxxxxxxxx
DocumentRoot /var/www/example.com/public_html/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ServerName example.com
ServerAlias www.example.com
</VirtualHost>
</IfModule>
#/etc/apache2/sites-available/80-example.info
<IfModule mod_ssl.c>
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/example.info/public_html/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerName example.info
ServerAlias www.example.info
</VirtualHost>
</IfModule>
#/etc/apache2/sites-available/443-example.info
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@xxxxxxxxxxxx
DocumentRoot /var/www/example.info/public_html/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ServerName example.info
ServerAlias www.example.info
</VirtualHost>
Notice that SSLCertificateFile and SSLCertificateKeyFile are the same for both of the domains, because they use the same key of example.com. The website, example.com works perfectly fine. But example.info has serious problems (On the order of NET::ERR_CERT_COMMON_NAME_INVALID). Who has an idea on how to fix this? I can't experiment too much because I'm limited to 5 keys per week so learning this myself is a very slow-track process.
There are a number of HOWTO documents out there, but there is very wide variance in their steps that I have little confidence in them, but have chosen one and decided to try at it. Once I get this established, I promise to write a blog article explaining the procedure a little bit better
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|