For some time, I have been hosting about 10 sites unencrypted. But since
people other than just myself will be using my squirrelmail, I decided to
encrypt my server. I had delayed it simply because keys are too expensive to
buy, but now I learned about LetsEncrypt.org and have been working in that
direction.
So far, I moved two websites over to this server, example.com and example.info.
My first test of the LetsEncrypt software was of the form of:
# letsencrypt-auto -apache -d example.com
but I ran into a caveat with www.example.com not being accepted. I decided to
re-run with the other domain included as well, so I did the remaining three
combinations:
#letsencrypt-auto -apache -d www.example.com -d example.info -d www.example.info
The conf files for the sites are fairly straight-forward in my mind. There are
four of them:
#/etc/apache2/sites-available/80-example.com
<IfModule mod_ssl.c>
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/example.com/public_html/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerName example.com
ServerAlias www.example.com
</VirtualHost>
</IfModule>
#/etc/apache2/sites-available/443-example.com
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmas...@example.com
DocumentRoot /var/www/example.com/public_html/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ServerName example.com
ServerAlias www.example.com
</VirtualHost>
</IfModule>
#/etc/apache2/sites-available/80-example.info
<IfModule mod_ssl.c>
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/example.info/public_html/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerName example.info
ServerAlias www.example.info
</VirtualHost>
</IfModule>
#/etc/apache2/sites-available/443-example.info
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmas...@example.info
DocumentRoot /var/www/example.info/public_html/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ServerName example.info
ServerAlias www.example.info
</VirtualHost>
Notice that SSLCertificateFile and SSLCertificateKeyFile are the same for both
of the domains, because they use the same key of example.com. The website,
example.com works perfectly fine. But example.info has serious problems (On
the order of NET::ERR_CERT_COMMON_NAME_INVALID). Who has an idea on how to fix
this? I can't experiment too much because I'm limited to 5 keys per week so
learning this myself is a very slow-track process.
There are a number of HOWTO documents out there, but there is very wide
variance in their steps that I have little confidence in them, but have chosen
one and decided to try at it. Once I get this established, I promise to write
a blog article explaining the procedure a little bit better
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
