Created
September 20, 2017 01:00
-
-
Save redesigned/9c90e38a821fb8be54e9a5198a4510f0 to your computer and use it in GitHub Desktop.
AWS LetsEncrypt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Apache Setup | |
<VirtualHost *:80 *:443> | |
ServerName domainname.com | |
ServerAlias www.domainname.com | |
DocumentRoot /efs/html/domainname.com | |
ErrorLog /efs/html/logs/domainname.com/error_log | |
SSLEngine on | |
SSLCertificateFile /etc/letsencrypt/live/domainname.com/fullchain.pem | |
SSLCertificateKeyFile /etc/letsencrypt/live/domainname.com/privkey.pem | |
<Directory /efs/html/domainname.com> | |
Options FollowSymLinks | |
AllowOverride all | |
Allow from all | |
Require all granted | |
</Directory> | |
</VirtualHost> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Switch to root | |
sudo su root | |
# Install Necessary Dependencies | |
yum install python27-devel git | |
# Clear Previous Install | |
rm -rf /opt/eff.org/certbot | |
rm -rf /opt/letsencrypt | |
# Fix AMI Environment | |
unset PYTHON_INSTALL_LAYOUT | |
pip install pip --upgrade | |
pip install virtualenv --upgrade | |
virtualenv -p /usr/bin/python27 venv27 | |
. venv27/bin/activate | |
# Install LetsEncrypt | |
git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt | |
/opt/letsencrypt/letsencrypt-auto --debug | |
# Setup LetsEncrypt Environment | |
echo "rsa-key-size = 4096" >> /etc/letsencrypt/config.ini | |
echo "email = email@example.com" >> /etc/letsencrypt/config.ini | |
# Install LetsEncrypt Certificates | |
/opt/letsencrypt/letsencrypt-auto --debug | |
/opt/letsencrypt/letsencrypt-auto certonly --webroot -w /var/www/yourdomainroot -d yourdomain.com -d www.yourdomain.com --config /etc/letsencrypt/config.ini --agree-tos | |
# Setup Auto Renew for LetsEncrypt Ceretificates | |
crontab -e | |
1 0 * * * sudo /opt/letsencrypt/letsencrypt-auto renew --config /etc/letsencrypt/config.ini --agree-tos && sudo apachectl graceful |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment