Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
tools:ssl [2022/08/21 13:26] – [Remove cert] darron | tools:ssl [2024/07/17 12:03] (current) – [Issue cert] darron | ||
---|---|---|---|
Line 27: | Line 27: | ||
a daily cron job. | a daily cron job. | ||
- | This cron job will be replaced later. | + | Disable the following |
< | < | ||
Line 34: | Line 34: | ||
</ | </ | ||
- | Additionally, | + | Additionally, |
< | < | ||
Line 40: | Line 40: | ||
</ | </ | ||
- | The source contains | + | The source |
< | < | ||
setenv LE_WORKING_DIR "/ | setenv LE_WORKING_DIR "/ | ||
Line 67: | Line 67: | ||
sudo mkdir -p / | sudo mkdir -p / | ||
- | sudo chown -R $USER:$USER / | + | sudo chown -R $USER:$GROUP / |
export LE_WORKING_DIR=" | export LE_WORKING_DIR=" | ||
- | $HOME/ | + | $HOME/ |
sudo mkdir -p / | sudo mkdir -p / | ||
Line 76: | Line 76: | ||
sudo mkdir -p / | sudo mkdir -p / | ||
- | sudo chown -R $USER:$USER / | + | sudo chown -R $USER:$GROUP / |
$HOME/ | $HOME/ | ||
Line 98: | Line 98: | ||
fi | fi | ||
- | sudo find / | + | sudo find / |
export LE_WORKING_DIR=" | export LE_WORKING_DIR=" | ||
Line 111: | Line 111: | ||
#sudo kill -HUP `ps auxw | egrep ' | #sudo kill -HUP `ps auxw | egrep ' | ||
#sudo kill -USR1 `ps auxw | egrep ' | #sudo kill -USR1 `ps auxw | egrep ' | ||
- | |||
sudo / | sudo / | ||
Line 117: | Line 116: | ||
</ | </ | ||
+ | Eg. | ||
+ | < | ||
+ | 0 0 2 * * / | ||
+ | </ | ||
===Remove cert=== | ===Remove cert=== | ||
Line 137: | Line 140: | ||
$HOME/ | $HOME/ | ||
- | rm -Rf $HOME/ | + | rm -Rf $HOME/ |
- | rm -Rf / | + | sudo rm -Rf / |
exit 0 | exit 0 | ||
Line 148: | Line 151: | ||
# m h dom mon dow command | # m h dom mon dow command | ||
0 0 2 * * / | 0 0 2 * * / | ||
+ | </ | ||
+ | |||
+ | ===Changing issuer==== | ||
+ | |||
+ | ==Let' | ||
+ | < | ||
+ | acme.sh --set-default-ca --server letsencrypt | ||
+ | </ | ||
+ | |||
+ | ==zerossl== | ||
+ | |||
+ | < | ||
+ | acme.sh --set-default-ca --server zerossl | ||
+ | </ | ||
+ | |||
+ | ===Other=== | ||
+ | |||
+ | After issuing and later renewing certificates fullchain.pem and key.pem may be | ||
+ | copied and utilised by both exim and dovecot. Exim will | ||
+ | need read permission for the exim user. | ||
+ | |||
+ | For example, fullchain and key are copied into / | ||
+ | |||
+ | ==Exim4== | ||
+ | |||
+ | < | ||
+ | tls_certificate = / | ||
+ | tls_privatekey | ||
+ | </ | ||
+ | |||
+ | ==Dovecot== | ||
+ | |||
+ | < | ||
+ | ssl_cert = </ | ||
+ | ssl_key = </ | ||
</ | </ | ||