Categories

SSL – Mise à jour certificat kdinh.fr

  1. Se connecter sur le site OVH pour créer une entrée DNS avec l’adresse IP public du serveur Debian 8
  2. www.kdinh.fr , cloud.kdinh.fr, phpmyadmin.kdinh.fr

Serveur DEBIAN

  1. Installer nginx
  2.  apt-get -o Acquire::ForceIPv4=true update (Forcer à utiliser IPV4)
  3. Installer Letsecrypt
  4. echo ‘deb http://ftp.debian.org/debian jessie-backports main’ | sudo tee /etc/apt/sources.list.d/backports.list
  5.  apt-get update
  6. apt-get install certbot -t jessie-backports
root@lizmap:/etc/nginx/sites-enabled# cat www.kdinh.fr
server {
listen 80;
server_name www.kdinh.fr;root /var/www/kdinh;
index index.html index.htm index.php;

location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
location ~ /\.well-known/acme-challenge {
allow all;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}

location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
root@lizmap:/etc/nginx/sites-enabled#

  1. Vérification du certificat
  2.  certbot certonly –agree-tos –rsa-key-size 4096 -m khanh.dinh@free.fr -d www.kdinh.fr –dry-run
  3. Exécution
  4.  certbot certonly –agree-tos –rsa-key-size 4096 -m khanh.dinh@free.fr -d www.kdinh.fr
  5. Copier le répertoire /etc/letsencrypt/live  vers le serveur WordPress