On Sat, 2023-04-22 at 18:27 +0200, Peter Boy wrote:
> Am 22.04.2023 um 14:11 schrieb Patrick O'Callaghan
> <pocallaghan(a)gmail.com>:
>
> I'm trying to set up a simple web server for personal use, using
> Apache, and want to enable HTTPS access. This involves getting an
> SSL
> certificate and I'll be using LetsEncrypt (
www.letsencrypt.org).
>
> The recommended way to do this is with Certbot, but I can't get
> past
> this error:
With apache you have the advantage that you don't need certbot at
all, but apache does everything itself with the help of the md
module. Configure as follows:
# Letsencrypt certificate management via Apache mod_md
# By default, automatically all alternative names get included.
MDomain MY_DOMAIN.TLD
MDContactEmail ME(a)MY_DOMAIN.TLD
MDCertificateAgreement accepted
<VirtualHost *:443>
ServerName MY_DOMAIN.TLD
ServerAlias
www.MY_DOMAIN.TLD
ServerAlias demo.MY_DOMAIN.TLD
…
…
</VirtualHost>
After adding the above configuration restart apache. Wait some
minutes and restart again. You should now see in the logs the
certificates.
Apache cares about the 3-monthly renewing. You don’t need to do
anything.
That's interesting, but seems to contradict what the LetsEncrypt site
seems to say (as far as I understand it). How does Apache set up a
certificate if it's only reachable via port 443, which requires a
certificate?
poc