{"id":171,"date":"2020-01-04T18:21:16","date_gmt":"2020-01-04T17:21:16","guid":{"rendered":"https:\/\/www.delixirpro.com\/blog\/?p=171"},"modified":"2020-01-04T18:21:18","modified_gmt":"2020-01-04T17:21:18","slug":"installer-et-utiliser-lets-encrypt-pour-creer-des-certificats-ssl-pour-le-web-et-apache-2","status":"publish","type":"post","link":"https:\/\/www.delixirpro.com\/blog\/2020\/01\/04\/installer-et-utiliser-lets-encrypt-pour-creer-des-certificats-ssl-pour-le-web-et-apache-2\/","title":{"rendered":"Installer et utiliser Let’s Encrypt pour cr\u00e9er des certificats SSL pour le Web et Apache 2"},"content":{"rendered":"\n

Installer Certbot<\/p>\n\n\n\n

apt\u00a0-y install certbot<\/pre>\n\n\n\n
G\u00e9n\u00e9rer un certificat sur le domaine<\/p>\n\n\n\n
certbot certonly --webroot -w \/var\/www\/html -d domain.tld<\/pre>\n\n\n\n
Cr\u00e9er ou modifier l’h\u00f4te virtuel apache (vhost)<\/p>\n\n\n\n
<VirtualHost *:80>\n\n    ServerName domain.tld\n    ServerAlias www.domain.tld\n\n    RewriteEngine on\n    RewriteCond %{HTTPS} !on\n    RewriteRule (.*) https:\/\/%{HTTP_HOST}%{REQUEST_URI}\n\n<\/VirtualHost>\n\n<VirtualHost *:443>\n\n    ServerName domain.tld\n    ServerAlias www.domain.tld\n\n    DocumentRoot \/path\/to\/files\/www.domain.tld\n\n    <Directory \/path\/to\/files>\n        Options -Indexes\n        AllowOverride all\n        Order allow,deny\n        allow from all\n    <\/Directory>\n\n    SSLEngine on\n    SSLCertificateFile \/etc\/letsencrypt\/live\/domain.tld\/cert.pem\n    SSLCertificateKeyFile \/etc\/letsencrypt\/live\/domain.tld\/privkey.pem\n    SSLCertificateChainFile \/etc\/letsencrypt\/live\/domain.tld\/chain.pem\n    SSLProtocol all -SSLv2 -SSLv3\n    SSLHonorCipherOrder on\n    SSLCompression off\n    SSLOptions +StrictRequire\n    SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA\n    Header always set Strict-Transport-Security \"max-age=31536000; includeSubDomains\"\n\n    LogLevel warn\n    ErrorLog ${APACHE_LOG_DIR}\/www.domain.tld-error.log\n    CustomLog ${APACHE_LOG_DIR}\/www.domain.tld-access.log combined\n\n<\/VirtualHost><\/pre>\n\n\n\n
Planifier la t\u00e2che de renouvellement de certificat avec Crontab (\u00e0 2h du matin)<\/p>\n\n\n\n
crontab -e\n0 2 * * *  certbot renew <\/pre>\n\n\n\n
Source :  https:\/\/www.server-world.info\/en\/note?os=Debian_10&p=ssl&f=2<\/a> \/  https:\/\/www.memoinfo.fr\/tutoriels-linux\/configurer-lets-encrypt-apache\/<\/a> <\/p>\n","protected":false},"excerpt":{"rendered":"
Installer Certbot apt\u00a0-y install certbot G\u00e9n\u00e9rer un certificat sur le domaine certbot certonly –webroot -w \/var\/www\/html -d domain.tld Cr\u00e9er ou modifier l’h\u00f4te virtuel apache (vhost) <VirtualHost *:80>     ServerName domain.tld     ServerAlias www.domain.tld   ...<\/p>\n","protected":false},"author":1,"featured_media":172,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[13,15],"class_list":["post-171","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech-tips","tag-certbot","tag-certificat-ssl"],"_links":{"self":[{"href":"https:\/\/www.delixirpro.com\/blog\/wp-json\/wp\/v2\/posts\/171","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.delixirpro.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.delixirpro.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.delixirpro.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.delixirpro.com\/blog\/wp-json\/wp\/v2\/comments?post=171"}],"version-history":[{"count":1,"href":"https:\/\/www.delixirpro.com\/blog\/wp-json\/wp\/v2\/posts\/171\/revisions"}],"predecessor-version":[{"id":173,"href":"https:\/\/www.delixirpro.com\/blog\/wp-json\/wp\/v2\/posts\/171\/revisions\/173"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.delixirpro.com\/blog\/wp-json\/wp\/v2\/media\/172"}],"wp:attachment":[{"href":"https:\/\/www.delixirpro.com\/blog\/wp-json\/wp\/v2\/media?parent=171"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.delixirpro.com\/blog\/wp-json\/wp\/v2\/categories?post=171"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.delixirpro.com\/blog\/wp-json\/wp\/v2\/tags?post=171"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}