The magic moment is here. We have Apache, we have snapd, it is time for
Remove any old Certbot, and install new Certbot
sudo dnf remove certbot
sudo snap install --classic certbot
ERROR: I tried running the install right away, and go this error
FIX: Waiting a couple minutes and trying again resolved this issue, and I got Certbot 2.6.0.
More symbolic linking to glue Certbot into place
sudo ln -s /snap/bin/certbot /usr/bin/certbot
Using Certbot
Alright, with certbot in place, there are a couple options (See the instructions page), but I just wanted to try the easiest version first
sudo certbot --apache
Certbot will prompt you for the virtual hosts (they must already be configured in Apache on port 80) and maybe your email address. Then it will set about obtaining the requested SSL certs
ERROR: If you get an error like:
FIX: Go back to the Apache installation post, and be sure your Virtual Host is configured.
Revisiting Apache
I am basing these instructions from this Stack Overflow post - as it states, we are not quite out of the woods. First, uncomment out the 443 lines previously commented out (or if you skipped them, now is the time to append them to the previous text in that file) from the /etc/httpd/conf.d/yourdomain.conf file
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName yourDomainName.com
DocumentRoot /var/www/html
ServerAlias www.yourDomainName.com
ErrorLog /var/www/error.log
CustomLog /var/www/requests.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
LogLevel alert rewrite:trace3
SSLCertificateFile /etc/letsencrypt/live/yourDomainName.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourDomainName.com/privkey.pem
</VirtualHost>
</IfModule>
Certbot already modified my .conf file for me, but you will need something like the below in your port 80 config, so the site automatically redirects to port 443:
#this goes in at the bottom 3 lines of the VirtualHost *:80 section
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
now it is time to restart Apache and see how we did, yeah?
sudo systemctl restart httpd
My domain automatically redirected and the browser reports the domain is secured
Thank you for your witness vote!
Have a !BEER on me!
To Opt-Out of my witness beer program just comment STOP below
View or trade
BEER
.Hey @t3kme, here is a little bit of
BEER
from @isnochys for you. Enjoy it!Did you know that <a href='https://dcity.io/cityyou can use BEER at dCity game to buy cards to rule the world.
Thank you for your witness vote!
Have a !BEER on me!
To Opt-Out of my witness beer program just comment STOP below
View or trade
BEER
.Hey @t3kme, here is a little bit of
BEER
from @isnochys for you. Enjoy it!Did you know that <a href='https://dcity.io/cityyou can use BEER at dCity game to buy cards to rule the world.
Thank you for your witness vote!
Have a !BEER on me!
To Opt-Out of my witness beer program just comment STOP below
View or trade
BEER
.Hey @t3kme, here is a little bit of
BEER
from @isnochys for you. Enjoy it!Learn how to earn FREE BEER each day by staking your
BEER
.Thank you for your witness vote!
Have a !BEER on me!
To Opt-Out of my witness beer program just comment STOP below
View or trade
BEER
.Hey @t3kme, here is a little bit of
BEER
from @isnochys for you. Enjoy it!Did you know that <a href='https://dcity.io/cityyou can use BEER at dCity game to buy cards to rule the world.