{"id":33,"date":"2016-02-02T14:42:19","date_gmt":"2016-02-02T13:42:19","guid":{"rendered":"https:\/\/kerms.hobby-site.org\/?p=33"},"modified":"2016-02-02T14:42:19","modified_gmt":"2016-02-02T13:42:19","slug":"howto-set-up-letsencrypt-on-opensuse-13-2","status":"publish","type":"post","link":"https:\/\/kerms.hobby-site.org\/?p=33","title":{"rendered":"HowTo set up LetsEncrypt on OpenSUSE 13.2"},"content":{"rendered":"<div class=\"cooked\">\n<p>Setting up letsencrypt on a server with OpenSUSE 13.2 and apache2.<\/p>\n<p>I suppose you have a running apache2 web server with a virtual host config file named<code>\/etc\/apache2\/vhosts.d\/mydomain.example.com.conf<\/code> for the domain <code>mydomain.example.com<\/code><\/p>\n<p>Log in to your server by ssh, make yourself root. Then:<\/p>\n<h4>1. Install required extra packages<\/h4>\n<p><code>cd \/root<\/code><br \/>\n<code>zypper in git<\/code><\/p>\n<p>On OpenSUSE 13.2 you will also need (versions of python &gt; 2.7.8 probably will not require this):<br \/>\n<code>zypper in python-pyOpenSSL<\/code><\/p>\n<h4>2. Install letsencrypt<\/h4>\n<p><code>git clone https:\/\/github.com\/letsencrypt\/letsencrypt<\/code><\/p>\n<h4>3.Configure data for letsencrypt<\/h4>\n<p>Create a file <code>\/etc\/letsencrypt\/cli.ini<\/code> with this contents:<\/p>\n<pre><code>    rsa-key-size = 4096\r\n    email = myaddress@example.com\r\n    authenticator = webroot\r\n    webroot-path = \/srv\/www\/vhosts\/mydomain.example.com\r\n    domain = mydomain.example.com<\/code><\/pre>\n<p>Obviously the webroot path must reflect the value of <code>DocumentRoot<\/code> in your server configfile<code>\/etc\/apache2\/vhosts.d\/mydomain.example.com.conf<\/code>, and email should be your address.<\/p>\n<h4>4. Get your certificate<\/h4>\n<p>cd \/root\/letsencrypt<br \/>\n.\/letsencrypt-auto certonly -c \/etc\/letsencrypt\/cli.ini<\/p>\n<h4>5. Configure the https server<\/h4>\n<p>If step 4 was successful, you&#8217;ll find your certificates in <code>\/etc\/letsencrypt\/live\/mydomain.example.com\/<\/code>. Now you need to configure your apache2 to use these certificates. At first copy your http config file to a https config file:<\/p>\n<p><code>cp -a \/etc\/apache2\/vhosts.de\/mydomain.example.com.conf \/etc\/apache2\/vhosts.de\/mydomain.example.com-ssl.conf<\/code><\/p>\n<p>In that newly created file modify the lines containing &#8222;&#8220; and &#8222;ServerName&#8220; by appending &#8222;:443&#8220; to IPs resp. domain name (resp. replacing &#8222;:80&#8220; by &#8222;:443&#8220;). After these lines add the following lines:<\/p>\n<pre><code>SSLEngine on\r\nSSLCertificateFile \/etc\/letsencrypt\/live\/mydomain.example.com\/fullchain.pem\r\nSSLCertificateKeyFile \/etc\/letsencrypt\/live\/mydomain.example.com\/privkey.pem<\/code><\/pre>\n<p>If you like, you may adjust the Logfile names (if you have the &#8222;combined&#8220; parameter in CustomLog, you may substitute that by &#8222;ssl_combined&#8220;).<\/p>\n<p>Now make sure to have ssl activated in <code>\/etc\/sysconfig\/apache2<\/code>:<\/p>\n<p><code>APACHE_MODULES=\"[...] ssl [...]\"<\/code><br \/>\nand<br \/>\n<code>APACHE_SERVER_FLAGS=\"SSL\"<\/code><\/p>\n<p>Now restart the apache2 server (after a check):<\/p>\n<pre><code>rcapache2 configtest\r\nrcapache2 restart<\/code><\/pre>\n<h4>6. Renewal of the certificate<\/h4>\n<p>If all that was successful, you may wait two months (not more than 89 days) to renew your certifcate by repeating step 4. The apache2 server does not need any new configuration, but (possibily?) a restart.<\/p>\n<div id=\"ember1263\" class=\"ember-view topic-after-cooked-outlet solved-panel\"><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Setting up letsencrypt on a server with OpenSUSE 13.2 and apache2. I suppose you have a running apache2 web server with a virtual host config file named\/etc\/apache2\/vhosts.d\/mydomain.example.com.conf for the domain mydomain.example.com Log in to your server by ssh, make yourself &hellip; <a href=\"https:\/\/kerms.hobby-site.org\/?p=33\">Weiterlesen <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-33","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/kerms.hobby-site.org\/index.php?rest_route=\/wp\/v2\/posts\/33"}],"collection":[{"href":"https:\/\/kerms.hobby-site.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kerms.hobby-site.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kerms.hobby-site.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kerms.hobby-site.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=33"}],"version-history":[{"count":2,"href":"https:\/\/kerms.hobby-site.org\/index.php?rest_route=\/wp\/v2\/posts\/33\/revisions"}],"predecessor-version":[{"id":35,"href":"https:\/\/kerms.hobby-site.org\/index.php?rest_route=\/wp\/v2\/posts\/33\/revisions\/35"}],"wp:attachment":[{"href":"https:\/\/kerms.hobby-site.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=33"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kerms.hobby-site.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=33"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kerms.hobby-site.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=33"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}