Install certificat :
cd ~mkdir certbot
cd certbot/
wget https://dl.eff.org/certbot-auto
sudo chown root ./certbot-auto
sudo chmod 0755 ./certbot-auto
sudo ./certbot-auto certonly --standalone -d w4v3.com
lsa ~/domoticz/
sudo rm ~/domoticz/server_cert.pem
sudo cat /etc/letsencrypt/live/YOURDOMAIN.COM/privkey.pem >> ~/domoticz/server_cert.pem
sudo cat /etc/letsencrypt/live/YOURDOMAIN.COM/fullchain.pem >> ~/domoticz/server_cert.pem
sudo cp ~/domoticz/server_cert.pem ~/domoticz/domo_server_cert.pem
cd ..
cd domoticz/
sudo /etc/init.d/domoticz.sh restart
Wait 20s then check your server status using a browser : https://www.digicert.com/help/
Auto renew now :
cd ..cd certbot/
nano cert-domoticz-update.sh
#!/bin/bash
/home/pi/certbot/certbot-auto renew
rm /home/pi/domoticz/server_cert.pem
rm /home/pi/domoticz/domo_server_cert.pem
cat /etc/letsencrypt/live/YOURDOMAIN.COM/privkey.pem >> /home/pi/domoticz/domo_server_cert.pem
cat /etc/letsencrypt/live/YOURDOMAIN.COM/fullchain.pem >> /home/pi/domoticz/domo_server_cert.pem
cp /home/pi/domoticz/domo_server_cert.pem /home/pi/domoticz/server_cert.pem
/etc/init.d/domoticz.sh restart
I use dietpi so home is /home/dietpi instead of /home/pi
Use Cron to renew certificat every day :
sudo chown root certDomoticzUpdate.shsudo chmod 0755 certDomoticzUpdate.sh
Place the script without extension in /etc/cron.daily
sudo cp /home/pi/certDomoticzUpdate.sh /etc/cron.daily/certDomoticzUpdate
Then verify cron status:
sudo run-parts --test /etc/cron.daily/
Scripte must appears in list
/etc/cron.daily/apt-compat
/etc/cron.daily/apt-show-versions
/etc/cron.daily/dietpi
/etc/cron.daily/dpkg
/etc/cron.daily/lighttpd
/etc/cron.daily/certDomoticzUpdate
/etc/cron.daily/passwd
Aucun commentaire:
Enregistrer un commentaire