My Node.Js Bitnami Lightsail instance had its frontend code at /opt/apache/htdocs and http://example.com was working perfectly pointing to that directory (my backend located under opt/projects).
After executing Certbot LetsEncrypt my domain is now pointing to a different folder /var/www/html
Please advise on:
In certbot instruction page I choose Apache for "My HTTP website is running", there wasn't a Bitnami option, was that the right call?
Is this the right configuration and just move my code to html folder?
Does my backend code has to move too? if so where?
Any other well-known issues that I might face?
Cheers.
Bitnami Engineer here,
We do not have any guide to configure certbot and Bitnami, but we have a guide that helps you configure the Let's Encrypt SSL certificate using lego. We have a tool that configures everything so you do not need to worry about editing the Apache's conf files or setting the renew process.
sudo /opt/bitnami/bncert-tool
You can learn more about it here.
In case you want to manually create a SSL certificate, you can also run the lego tool directly
sudo /opt/bitnami/letsencrypt/lego --tls --email="EMAIL-ADDRESS" --domains="DOMAIN" --domains="www.DOMAIN" --path="/opt/bitnami/letsencrypt" run
You will later need to configure the Apache's conf files to use that new certificate file. You can learn more about it here
Note: If you used certbot and it modified the Apache's configuration, you will need to undo those changes to use the proper folder. You will need to review the /opt/bitnami/apache2/conf/httpd.conf, /opt/bitnami/apache2/conf/bitnami/bitnami.conf and /opt/bitnami/apache2/conf/vhosts/* files
Related
I am trying to install self signed ssl on IP address. I have apache in centos7. I have mod_ssl installed. I have been able to create self signed certificate with openssl req. Now I need to add this certificate to virtual hosts. I found two different files in tutorials for this purpose.
etc/apache2/sites-available/default-ssl.conf and second option is etc/httpd/conf.d/ssl.conf.
But I could find apache2 folder in etc but not sites-availabe and no httpd in etc. Where do I find the relevant file to edit virtual hosts?
Thank you.
you can just create the folder sites-available if you want inside of the Apache folder. The important thing is to check the Main Apache Config file and make sure that it is loading up the default-ssl.conf file. Usually its done by putting an Include /*. That would load up everything in that folder.
Config files for Apache under Centos should be at /etc/httpd/ instead of /etc/apache/
I am trying to configure ssl for the nginx load balancer , I see three different kinds of configuration files and I am not sure where the certificate and key file should be configured
These are
nginx/sites-available/default
nginx/sites-enabled/myDomain
nginx/nginx.conf
What are these configuration files? where should ssl be ideally configured?
It sounds like you don't know a lot about Nginx. I would start with the docs.
http://nginx.org/en/docs/
nginx/nginx.conf
This is the main Nginx config file and should not contain site-specific configurations (like SSL)
nginx/sites-available/default
This is where you configure your site (and your SSL settings). The default config is simply named "default".
nginx/sites-enabled/myDomain
This is the location that Nginx looks in for sites to serve to users. Typically, you create a symlink from here to the sites-available directory, like below.
sudo ln -s /etc/nginx/sites-available/yourconfig /etc/nginx/sites-enabled/
This allows you to easily activate/deactivate sites by just adding/removing a symlink.
Recently I discover letsencrypt which is awesome project, and it basically allows you to get ssl certificate for free.
I manage to setup my server and domain with their certificate, everything work great and my site showed the https in green which was great.
Then I connected this domain to cloudflare, which is another great solution, for many web problems.
Once my name servers were changed to cloudflare name servers the https stopped working.
:(
I am not really sure what is the root of that issue, but I manage to fixed it with a little bit of luck, so decided to write here the problem and the solution who worked for me in case other will encounter this issue in the future.
On cloudflare
https://www.cloudflare.com/a/crypto/yourdomain
default settings for ssl is full, once I changed it to
strict https start working again like charm.
2 days after I had the same issue, I changed it back to full from strict and then it worked again so I am confused and not sure if my answer here is good.
you need to use certbot when you're already using cloudflare.
check this link
So before you run the certbot command try this first export LC_ALL="C"
Then if you're on apache change the command to this
./certbot-auto certonly --webroot --webroot-path /var/www/html/ --renew-by-default --email email#host.tld --text --agree-tos -d example.tld -d www.example.tld
/var/www/html/ = where your webroot path for the domain is located.
I hope this helps..
I've faced the same issue that CloudFlare said there is a 526 error.
I could solve it by adding
SSLCertificateChainFile "/etc/letsencrypt/live/DOMAIN/chain.pem"
to the apache hosts config, since Apache < 2.4.8 needs the chain (see http://letsencrypt.readthedocs.org/en/latest/using.html)
I have my app that serves on localhost:8080. I want to configure things so that it just servers on localhost:80 (or localhost without the port specified). I was told to follow these instructions.
My apache-tomcat that I downloaded is located at /home/myusername/tools/appname/apache-tomcat-6.0.33
I can't find an httpd.conf file in that dir... so I can't make the changes that the above article mentions. I am not sure what to do. I am new to apache/tomcat. Any help would be great!
Those instructions are for apache, which is different from apache's tomcat. What you have (the 6.0.33 thing) is apache's tomcat, which hosts/runs webapps but isn't typically used as a general webserver. You need to download and install apache, then you'll be able to follow those instructions.
You can download the apache webserver here: http://httpd.apache.org/download.cgi
Or if you are using an OS with a package manager, use your OS'es package manager instead.
Typically, the httpd.conf file should be at /etc/apache2/httpd.conf (or /etc/apache/httpd.conf).
i am new to site maps, and Google sitemap generator.
i am working on a test server and neither localhost nor live. its basically a local test server.
I have installed it and also enabled remote access and am now able to access the admin console using http.
the problem is i need to enable https as well.
when i try to access it through https, i get an "SSL CONNECTION ERROR".
i know that google's documentation on this topic says something like:
To set up HTTPS on Linux:
1.Edit the file /usr/local/google-sitemap-generator/conf/httpd.conf.
2.In the VirtualHost section, edit the SSL settings.
3.Save the file.
4.Restart Apache to effect the changes.
But in the file httpd.conf, there are no "SSL settings" for me to edit.
Can someone remove this 'vagueness' from the directions?
Thanks
I suppose, you have to add to /usr/local/google-sitemap-generator/conf/httpd.conf something like this (into virtualhost directive)
SSLEngine on
SSLCertificateFile /etc/google-sitemap-generator/server.crt
SSLCertificateKeyFile /etc/google-sitemap-generator/server.key
This link was helpful for me: http://groups.google.com/group/google-sitemap-generator/browse_thread/thread/a5b0575efad76328
In my case server.crt and server.key files were generated by openssl command (http://www.akadia.com/services/ssh_test_certificate.html).
Make sure mod_ssl is enabled in Apache (run a2enmod).