Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Deploy ssl certs to apache server
1. run acme.sh to copy the certificates to the correct location on the disk
1.1) create a sensible directory to store your apache certificates
I chose /etc/apache2/2.2/ssl
mkdir -p /etc/apache2/2.2/ssl
1.2) run acme.sh
A few notes:
- the parameters are stored in the .acme.sh configuration file, so get it right for your system as this file is read when the cron job runs
- "reloadcmd" is dependent on your operating system, system V Linux systems use the command "service apache2 force-reload", Solaris based systems use "svcadm restart apache22" or similar
acme.sh --install-cert -d online.domain.com \ --cert-file /etc/apache2/2.2/ssl/online.domain.com-cert.pem \ --key-file /etc/apache2/2.2/ssl/online.domain.com-key.pem \ --fullchain-file /etc/apache2/2.2/ssl/letsencrypt.pem \ --reloadcmd "service apache2 force-reload"
2. Set up your httpd.conf
There are so many ways to do this, it would take a long list to write every variant, however the specific codes you will need to set in your httpd.conf (or ssl.conf, or httpd-ssl.conf) are:
SSLCertificateFile /etc/apache2/2.2/ssl/online.domain.com-cert.pem SSLCertificateKeyFile /etc/apache2/2.2/ssl/online.domain.com-key.pem SSLCertificateChainFile "/etc/apache2/2.2/ssl/letsencrypt.pem" SSLCACertificatePath "/etc/apache2/2.2/ssl/" SSLCACertificateFile "/etc/apache2/2.2/ssl/letsencrypt.pem"