Setting Up Wildcard Subdomains with SSL on a Debian Application: Difference between revisions



Make sure that proper letter case is observed, as incorrect case would cause the script to fail with unclear error messages.
==== b. Setting Up Certbot and Requesting Certificates ====
To handle SSL certificates, Certbot needs to register an account (if not already registered) and request a certificate for the primary domain and wildcard subdomain. Add the following to postinst to check and register Certbot, then request the certificate:
<pre lang="bash">
# Register an ACME account only if none exists yet for the Let's Encrypt production directory.
certbot_account_count="$(find /etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/ -maxdepth 1 -mindepth 1 2>/dev/null | wc -l)"
if [ "z$certbot_account_count" = "z0" ]; then
    certbot register --non-interactive --email "$CERTBOT_EMAIL" --no-eff-email --agree-tos
fi
# Request the certificate only if it has not been issued yet (fullchain.pem is absent).
[ -f "/etc/letsencrypt/live/<cert-name>/fullchain.pem" ] || certbot certonly --non-interactive --cert-name <cert-name> --dns-rfc2136 --dns-rfc2136-credentials <path-to-dns-conf-file>/dns-auth.conf --domain "$ELEARNING_FQDN" --domain "*.$ELEARNING_FQDN" --deploy-hook /usr/share/<pkg-name>/bin/cert-deploy
</pre>
This block registers a Certbot account if none exists, checks for an existing certificate, and if none exists, requests a new certificate using DNS authentication with the specified dns-auth.conf file. The --deploy-hook option calls the cert-deploy script after each certificate issuance or renewal. We will create cert-deploy in a later step.
In the case of our guide with the kaboom-api example, <code><cert-name></code> is <code>kaboom-elearning</code>. Again, it's up to you to select the right naming for your case.
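As an added example (not part of the original guide or of Certbot), here is a pre-flight check that postinst could run before <code>certbot certonly</code>, since dns-auth.conf holds the TSIG secret used for the DNS challenge. The function name <code>check_dns_credentials</code> is hypothetical, and the <code>stat</code> options assume GNU coreutils as shipped on Debian.

```shell
#!/bin/sh
# Added example: pre-flight check for the RFC 2136 credentials file
# passed to --dns-rfc2136-credentials. check_dns_credentials is a
# hypothetical helper name, not part of Certbot or of this package.
# Returns 0 when the file is safe to hand to certbot, non-zero otherwise.
check_dns_credentials() {
    conf="$1"
    if [ ! -f "$conf" ]; then
        echo "missing credentials file: $conf" >&2
        return 1
    fi
    # The file holds the TSIG secret: it must belong to the invoking user
    # (root when run from postinst) ...
    if [ "$(stat -L -c '%u' "$conf")" != "$(id -u)" ]; then
        echo "unexpected owner on $conf" >&2
        return 2
    fi
    # ... and grant no access to group or others (e.g. 600 or 400).
    mode="$(stat -L -c '%a' "$conf")"
    case "$mode" in
        ?00) ;;
        *) echo "unsafe mode $mode on $conf (expected 600)" >&2; return 3 ;;
    esac
    # Keys the dns-rfc2136 plugin requires in the credentials file.
    for key in dns_rfc2136_server dns_rfc2136_name dns_rfc2136_secret; do
        if ! grep -Eq "^[[:space:]]*${key}[[:space:]]*=[[:space:]]*[^[:space:]]" "$conf"; then
            echo "missing $key in $conf" >&2
            return 4
        fi
    done
    return 0
}
```

In postinst, call it with the real path to dns-auth.conf and abort the certificate request when it returns non-zero.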