github-repos/acme.sh
1
0
Fork 0
mirror of https://github.com/acmesh-official/acme.sh.git synced 2024-12-26 01:00:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
Page: Deploy ssl certs to apache server
Pages
Blogs and tutorials BuyPass.com CA CA Change default CA to ZeroSSL Code of conduct DNS API Dev Guide DNS API Test DNS alias mode DNS manual mode Deploy ssl certs to apache server Deploy ssl certs to nginx Deploy ssl to SolusVM Donate list Enable acme.sh log Exit Codes Explicitly use DOH Google Public CA Google Trust Services CA Home How to debug acme.sh How to install How to issue a cert How to run on DD WRT with lighttpd How to run on OpenWrt How to use Amazon Route53 API How to use Azure DNS How to use OVH domain api How to use Oracle Cloud Infrastructure DNS How to use lexicon DNS API How to use on Solaris based operating sytsems How to use on embedded FreeBSD Install in China Install preparations Issue a cert from existing CSR OVH Success Options and Params Preferred Chain Run acme.sh in docker SSL.com CA Server Simple guide to add TLS cert to cpanel Stateless Mode Synology NAS Guide Synology RT1900ac and RT2600ac install guide TLS ALPN without downtime Usage on Tomato routers Use DNS Exit DNS API Using pre hook post hook renew hook reloadcmd Using systemd units instead of cron Utilize multiple DNS API keys Validity ZeroSSL.com CA deploy to docker containers deployhooks dnsapi dnsapi2 dnscheck dnssleep how about the private key access modes, chmod, or chown or umask ipcert notify openvpn2.4.7服务端和客户端使用注意 revokecert sudo tlsa next key 如何安装 说明
2 Deploy ssl certs to apache server
jadrevenge edited this page 2017-09-20 10:25:32 +01:00
Table of Contents

1. run acme.sh to copy the certificates to the correct location on the disk

1.1) create a sensible directory to store your apache certificates

I chose /etc/apache2/2.2/ssl

mkdir -p /etc/apache2/2.2/ssl

1.2) run acme.sh

A few notes:

  • the parameters are stored in the .acme.sh configuration file, so get it right for your system as this file is read when the cron job runs
  • "reloadcmd" is dependent on your operating system, system V Linux systems use the command "service apache2 force-reload", Solaris based systems use "svcadm restart apache22" or similar
acme.sh --install-cert -d online.domain.com \
--cert-file /etc/apache2/2.2/ssl/online.domain.com-cert.pem \
--key-file /etc/apache2/2.2/ssl/online.domain.com-key.pem \
--fullchain-file /etc/apache2/2.2/ssl/letsencrypt.pem \
--reloadcmd "service apache2 force-reload"

2. Set up your httpd.conf

There are so many ways to do this, it would take a long list to write every variant, however the specific codes you will need to set in your httpd.conf (or ssl.conf, or httpd-ssl.conf) are:

SSLCertificateFile /etc/apache2/2.2/ssl/online.domain.com-cert.pem
SSLCertificateKeyFile /etc/apache2/2.2/ssl/online.domain.com-key.pem
SSLCertificateChainFile "/etc/apache2/2.2/ssl/letsencrypt.pem"

SSLCACertificatePath "/etc/apache2/2.2/ssl/"
SSLCACertificateFile "/etc/apache2/2.2/ssl/letsencrypt.pem"

Buy me a beer, Donate to acme.sh if it saves your time. Your donation makes acme.sh better: https://donate.acme.sh/

如果 acme.sh 帮你节省了时间,请考虑赏我一杯啤酒🍺, 捐助: https://donate.acme.sh/ 你的支持将会使得 acme.sh 越来越好. 感谢