Self-Signed SSL Certificate / Certbot: Difference between revisions

Revision as of 21:52, 11 May 2022

We self sign our SSL Certificates for our websites proxied at these machines:

Assuming that you are already running the software/app on httpd then we can begin.

The command is:
- ```
certbot --apache <options>
```
Usually, I just use the '-d' domain flag:
- ```
certbot --apache -d sample.docking.org
```

You should only do this if UCSF IT gave you an SSL Cert to use or you are migrating a domain name to another site.
- certbot delete --cert-name sample.docking.org

Remove Let’s Encrypt Cert

openssl req -new -newkey rsa:2048 -nodes -out servername.csr -keyout servername.key

Create a directory to store the Certificate
Go to the <name>-le-ssl.conf of the site and at the bottom replace these with the path of where you put the Certificate

SSLCertificateFile <new path>
SSLCertificateKeyFile <new path>
Include <new path>
SSLCertificateChainFile <new path>

@@ Line 15: / Line 15: @@
 #You should only do this if UCSF IT gave you an SSL Cert to use or you are migrating a domain name to another site.
 #*certbot delete --cert-name sample.docking.org
+== How To Add UCSF IT SSL Cert ==
+#File an SSL Ticket Request with UCSF IT
+#Download their Certificates and replace them with letsencrypt ones
+#Remove Let’s Encrypt Cert
+#*<source>certbot delete --cert-name domain.com</source>
+#*<source>openssl req -new -newkey rsa:2048 -nodes -out servername.csr -keyout servername.key</source>
+#Create a directory to store the Certificate
+#Go to the <name>-le-ssl.conf of the site and at the bottom replace these with the path of where you put the Certificate
+<source>
+SSLCertificateFile <new path>
+SSLCertificateKeyFile <new path>
+Include <new path>
+SSLCertificateChainFile <new path>
+</source>