Making a free SSL certificate in 2017
Foreword
Recently, I was looking for an ssl certificate for my site, but on Habré there was only an instruction for StartSSl that no longer supports Google Chrome and MozillaFirefox. And here I would like to show you how to make a certificate step by step on your own server.
so, let's begin
Create a folder for ssl in the root.
mkdir /ssl Next, go to the Apache configs.
cd /etc/apache2/sites-available We download an example of a config.
')
sudo wget https://linode.com/docs/assets/apache2-roundcube.sample.conf Change the owner to root and rights.
sudo chown root:root apache2-roundcube.sample.conf sudo chmod 644 apache2-roundcube.sample.conf And edit.
nano apache2-roundcube.sample.conf In the tag <VirtualHost *: 80> and <VirtualHost *: 443>
ServerAdmin change to webmaster @ name of the site.
ServerName change the name of the site.
DocumentRoot change to the directory where the site is, I have it:
/var/www/html/ All Directory tags are deleted except:
<Directory /var/www/roundcube>...</Directory> here we change the path instead of / var / www / roundcube / var / www / html. And change the path to SSL certificates:
SSLCertificateFile /etc/apache2/ssl/webmail.example.com/apache.crt SSLCertificateKeyFile /etc/apache2/ssl/webmail.example.com/apache.key on
SSLCertificateFile /ssl/crt.crt SSLCertificateKeyFile /ssl/key.key Config example:
# Apache2 vhost configuration sample for Roundcube # https://linode.com/docs/email/clients/installing-roundcube-on-ubuntu-14-04/ <VirtualHost *:80> # Virtual host configuration + information (replicate changes to *:443 below) ServerAdmin webmaster@uranius.pp.ua ServerName uranius.pp.ua DocumentRoot /var/www/html/ # ErrorLog /var/log/apache2/webmail.example.com/error.log # CustomLog /var/log/apache2/webmail.example.com/access.log combined # Permanently redirect all HTTP requests to HTTPS RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R=301,L] </VirtualHost> <IfModule mod_ssl.c> <VirtualHost *:443> # Virtual host configuration + information (replicate changes to *:80 above) ServerAdmin webmaster@uranius.pp.ua ServerName uranius.pp.ua DocumentRoot /var/www/html # ErrorLog /var/log/apache2/webmail.example.com/error.log # CustomLog /var/log/apache2/webmail.example.com/access.log combined # SSL certificate + engine configuration SSLEngine on SSLCertificateFile /ssl/crt.crt SSLCertificateKeyFile /ssl/key.key # Roundcube directory permissions + restrictions <Directory /var/www/html/> Options -Indexes AllowOverride All </Directory> </VirtualHost> </IfModule> Rename the file
sudo mv apache2-roundcube.sample.conf uranius.pp.ua.conf Disable unnecessary configs
sudo a2dissite 000-default.conf default-ssl.conf We include the necessary modules.
sudo a2enmod deflate expires headers rewrite ssl We include site config.
a2ensite uranius.pp.ua.conf And now the most interesting, get a certificate. Go to www.sslforfree.com . Enter the domain name and click to get. Next, download the file and upload it to the server. Go to the folder where the site is and create a directory:
cd /var/www/html/ mkdir .wellknown cd .wellknown mkdir acme-challenge cd acme-challenge We put the file there and click Download SSl Certificate. Download the zip with certificates and upload it to the server in the ssl folder in the root. Go to the folder and rename it:
cd /ssl mv certificate.crt crt.crt mv private.key key.key And save. Checking configs:
apachectl configtest It remains only to restart the server and the site is ready.
/etc/init.d/apache2 restart Source: https://habr.com/ru/post/324740/
All Articles