On 2/9/2024 12:58:15, joe a wrote:
I have apache configured as a reverse SSL proxy.Users connecting to the back end service are warned about the certificate, which, when installed shows the cert has the domains of the apache hosted site, not the proxy site. The apache hosted site/domains names have their own valid certificates.It's LetsEncrypt via acme-companion (dockerized) and checking the status via the acme service shows the correct domain names. I suspect the initial certificate was generated when I had some misconfigurationIs apache caching the older cert or perhaps serving up it's own certificate?--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
The "solution" seems to be to copy the cert files from the docker container, to the apache host and adjust the virtual host config to define and use them.
That is add: SSLCertificateFile /some/local/dir.d/cert.file SSLCertificateKeyFile /some/local/dir.d/key.fileThat would not be an issue, but, every 90 days, give or take, this has to be done again.
Is there no better way? --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx