2026-03-12 21:01:38

2026-03-12 22:01:38 +01:00
parent 3bd1db26cc
commit 26296b6d6a
336 changed files with 27507 additions and 0 deletions
--- a/tiddlywiki/acme_tiny.py
+++ b/tiddlywiki/acme_tiny.py
@@ -0,0 +1,74 @@
+created: 20190618154531946
+creator: vplesnila
+modified: 20190622101908943
+modifier: vplesnila
+tags: [[Apache HTTPD]]
+title: acme_tiny.py - Let's Encrypt - Free SSL/TLS Certificates
+type: text/vnd.tiddlywiki
+
+!! Create a Let's Encrypt account private key
+
+```
+openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:4096 -out /data/wwwroot/cassandra.itemdb.com/private/letsencrypt.key
+```
+
+
+Create a DOMAIN private key
+
+```
+openssl genrsa 4096 > /data/wwwroot/cassandra.itemdb.com/private/domain.key
+```
+
+
+!! Create a certificate signing request (CSR) for your domain
+
+```
+openssl req -new -sha256 -key domain.key -subj "/CN=cassandra.itemdb.com" > /data/wwwroot/cassandra.itemdb.com/private/domain.csr
+```
+
+
+!! Create directory for website host challenge files
+
+```
+mkdir -p /data/wwwroot/cassandra.itemdb.com/public/.well-known/acme-challenge
+```
+
+
+!! Get (or renew) a signed certificate
+
+```
+/root/shell/acme_tiny.py \
+	--account-key /data/wwwroot/cassandra.itemdb.com/private/letsencrypt.key \
+	--csr /data/wwwroot/cassandra.itemdb.com/private/domain.csr \
+	--acme-dir /data/wwwroot/cassandra.itemdb.com/public/.well-known/acme-challenge > /data/wwwroot/cassandra.itemdb.com/private/signed_chain.crt
+```
+
+!! Apache configuration
+
+
+```
+<VirtualHost *:80>
+    ServerName cassandra.itemdb.com
+    Redirect permanent / https://cassandra.itemdb.com
+    DocumentRoot "/data/wwwroot/cassandra.itemdb.com/public/"
+    <Directory "/data/wwwroot/cassandra.itemdb.com/public/">
+                Options Indexes FollowSymLinks
+                AllowOverride All
+                Require all granted
+    </Directory>
+</VirtualHost>
+
+<VirtualHost *:443>
+    ServerName cassandra.itemdb.com
+    SSLEngine on
+    SSLCertificateFile "/data/wwwroot/cassandra.itemdb.com/private/signed_chain.crt"
+    SSLCertificateKeyFile "/data/wwwroot/cassandra.itemdb.com/private/domain.key"
+    DocumentRoot "/data/wwwroot/cassandra.itemdb.com/public/"
+    <Directory "/data/wwwroot/cassandra.itemdb.com/public/">
+                DirectoryIndex index.php index.htm index.html
+                Options Indexes FollowSymLinks
+                AllowOverride All
+                Require all granted
+     </Directory>
+</VirtualHost>
+```