Letsencrypt Get Start SSL Certificate on apache/bitnami ERR_CERT_AUTHORITY_INVALID

When visit to my site on firefox. Show below error.

NET::ERR_CERT_AUTHORITY_INVALID

OH, MY GOD!!!

Letsencrypt Get Start SSL Certificate on apache/bitnami

I’m search and show below information.

Distrusting WoSign and StartCom Certificates

https://security.googleblog.com/2016/10/distrusting-wosign-and-startcom.html?m=1

Shit!!!!

I used to startcom free ssl. It’s bic problem for me..

So, I found resolution. That’s Letsencrypt https://letsencrypt.org/

It’s need to learn how to use. And I explain to you bitnami of Letsencrypt on Ubuntu 14

 

1. Download the Let’s Encrypt Client

We need to download the certbot-auto Let’s Encrypt client from the EEF site.

When you run certbot-auto, The client will automatically pull down available updates as necessary

Copy file to system path directory.

Make the script executable permission

 

2. Set Up the SSL Certificate

Generating the SSL Certificate for apache mode, I not recommend to automatic install. certonly is more to useful.

For this example, the base domain will be asecurity.so

You will be asked to provide an email address for lost key recovery and notices. Input and agree then you can see below screen.

You should be able to find the generated certificate files at /etc/letsencrypt/live/YOURDOMAIN/

If you can’t access file, add to read permission.

Then, I recommend to make a symlink to like that.

 

And Change to apache configuration.

 

I just change file path. But another option I give to you. If you need to first setting to ssl in apache. Check out.

 

3. Make Auto Renewal

Let’s Encrypt certificates are valid for 90 day, And they are recommend to renew every 60 day.

certbot-auto client offer a renew command, its’ automatically checks the currently installed certificates and tries to renew them if they are less than 30 days.

Command is use simply.

it is safe to create a cron job that runs every week.

Every Sunday 1 am run certbot-auto renew command

Now I solve my ssl problem. Yep!

 

Facebook Comments

Leave A Reply

이메일은 공개되지 않습니다. 필수 입력창은 * 로 표시되어 있습니다.