Differences

This shows you the differences between two versions of the page.

--- en:user_advanced:gs3_https [2024/09/23 02:05] – [Linux: Getting SSL certificates using certbot] kjdon
+++ en:user_advanced:gs3_https [2024/09/23 02:39] (current) – [Linux: Getting SSL certificates using certbot] kjdon
@@ Line 15: / Line 15: @@
 Once you have certbot installed, if you are using Apache, you can run
   * ''sudo certbot --apache'' - this will generate the certificates, plus also setup Apache configuration to use them.
-  * '' sudo certbot certonly'' - will generate the certificates, but do no configuration - you will need to do that yourself.
+  * ''sudo certbot certonly'' - will generate the certificates, but do no configuration - you will need to do that yourself.
 If you are adding https support to Tomcat, you can use the Greenstone ant targets to generate the certificates, plus then convert them and setup Tomcat configuration to use them.
@@ Line 21: / Line 21: @@
   * ''ant setup-https-cert'' - this will obtain the certificates from LetsEncrypt, and put them into Tomcat's conf folder.
   * ''ant renew-existing-https-cert'' - to run the renewal command and reinstall them into Tomcat.
+The SSL certificates are installed into /etc/letsencrypt/live/<tomcat.server>
 Once you use certbot to obtain certificates, it sets up a systemd timer to automatically renew them every 60 days. You shouldn't need to re-run certbot unless your settings have changed.
-Note, if your port 80 is not open by default, and you opened it just for generating the initial certificates, this renewal won't work. You'll need to open up port 80, and run ''sudo certbot renew''.
+Note, if your port 80 is not open by default, and you opened it just for generating the initial certificates, this renewal won't work. You'll need to open up port 80, and run
+  * ''sudo certbot renew''.