/* Zertifikate */
This commit is contained in:
parent
7808fd9f59
commit
e3e1c8e15e
28
TLS.mw
28
TLS.mw
|
@ -40,6 +40,34 @@ Die Zertifikate wurden folgendermaßen generiert:
|
|||
-d cccdd.de \
|
||||
-d dresden.ccc.de
|
||||
|
||||
Das Zertifikat werden automatisch am Anfang eines Monat erneuert:
|
||||
|
||||
# letsencrypt.timer
|
||||
[Unit]
|
||||
Description=Renew Let's Encrypt certificate monthly https://letsencrypt.readthedocs.org/en/latest/using.html#renewal
|
||||
[Timer]
|
||||
OnCalendar=monthly
|
||||
Persistent=true
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
# letsencrypt.service
|
||||
[Unit]
|
||||
Description=Renew Let's Encrypt certificate monthly https://letsencrypt.readthedocs.org/en/latest/using.html#renewal
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/usr/bin/letsencrypt certonly \
|
||||
--agree-tos \
|
||||
--renew-by-default \
|
||||
--webroot \
|
||||
--webroot-path /var/www/letsencrypt/ \
|
||||
--email joerg@higgsboson.tk \
|
||||
--text \
|
||||
-d c3d2.de \
|
||||
#...
|
||||
-d dresden.ccc.de
|
||||
ExecStartPost=/usr/bin/systemctl reload apache2
|
||||
|
||||
== SSL-Test ==
|
||||
Interessant und informativ bezüglich des Konfigurationstests ist definitiv [https://www.ssllabs.com/ssltest/ diese Seite von Qualys].
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user