Last active
November 3, 2016 14:50
-
-
Save bloodyKnuckles/981bde40785df4354e9f to your computer and use it in GitHub Desktop.
Node.js https letsencrypt tls/ssl certificate setup on CentOS 7.1 x64 (Digital Ocean)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // (on the server command line, get certificate files) | |
| // git clone https://github.com/letsencrypt/letsencrypt | |
| // cd letsencrypt | |
| // ./letsencrypt-auto certonly | |
| // (in the web server directory) | |
| // vim index.js | |
| var https = require('https') | |
| var fs = require('fs') | |
| https.createServer({ | |
| key : fs.readFileSync('/etc/letsencrypt/live/<domain>/privkey.pem'), | |
| cert: fs.readFileSync('/etc/letsencrypt/live/<domain>/fullchain.pem') | |
| }, | |
| function (req, res) { | |
| res.writeHead(200) | |
| res.end("booya!\n") | |
| }).listen(443) | |
| // node index.js | |
| // curl https://<domain>/ | |
| // booya! |
Apparently I created a lineage branch because there's a mydomainname-0001 directory now. And the original lineage expired so the site SSL quit working until I updated it's credentials to include the "-0001". I'm leaving it for now since it works but I'm thinking I'll delete the "-0001" next time it expires and try to renew the original lineage.
Deleted the "-0001" branches:
rm -rf /etc/letsencrypt/live/tuitionpool.org-0001/
rm -rf /etc/letsencrypt/archive/tuitionpool.org-0001/
rm /etc/letsencrypt/renewal/tuitionpool.org-0001.conf
To renew:
cd ~/cerbot
./certbot-auto renew
To renew:
pkill node
cd ~/certbot
./certbot-auto renew
# restart node
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
To renew:
./letsencrypt-auto certonly...duh!